Juniper Networks

Signature Detail


Short Name: HTTP:STC:IE:CHAN-SCRIPT
Severity: Medium
Recommended: No
Category: HTTP
Keywords: Script in CHANNEL Tag
Release Date: 2005/02/07
Update Number: 1213
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Script in CHANNEL Tag


This signature detects attempts to exploit a cross-domain vulnerability in Microsoft Internet Explorer. An attacker can create a malicious Web page that, when viewed by a user subscribed to an MSN channel, enables the attacker to obtain information, remotely execute arbitrary code, or take complete control of the target system.

Extended Description

A vulnerability has been reported in Microsoft Internet Explorer that could give malicious scripts and active content unauthorized access to document properties across different Security Zones and foreign domains. The issue is exposed when a remote site uses the 'AddChannel' method to add a channel. Exploitation could allow various attacks, such as cookie theft from an arbitrary domain. Other issues may also facilitate execution of arbitrary code on a vulnerable client system by causing malicious content to be stored on the victim system and then referenced.

Affected Products

  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1 SP1
  • Microsoft Internet Explorer 5.0.1 SP2
  • Microsoft Internet Explorer 5.0.1 SP3
  • Microsoft Internet Explorer 5.0.1 SP4
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5 SP1
  • Microsoft Internet Explorer 5.5 SP2
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 SP1
  • Nortel Networks IP softphone 2050
  • Nortel Networks Mobile Voice Client 2050
  • Nortel Networks Optivity Telephony Manager (OTM)
  • Nortel Networks Symposium Web Center Portal (SWCP)
  • Nortel Networks Symposium Web Client

References

  • BugTraq: 12427
  • CVE: CVE-2005-0056
  • URL: http://www.kb.cert.org/vuls/id/823971
  • URL: http://www.microsoft.com/technet/security/bulletin/ms05-014.mspx

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.