Signature Detail

HTTP: Microsoft Internet Explorer Clone Object Reference Memory Corruption

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handles unexpected method calls to HTML objects. Remote attackers can exploit this vulnerability by persuading target users to visit a specially crafted web page. Successful exploitation may allow the attacker to execute arbitrary code on the vulnerable client system, in the context of the logged in user. An attack targeting this vulnerability can result in the injection and execution of arbitrary code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any injected code will be executed within the security context of the currently logged in user. In the case of an unsuccessful code execution attack, Internet Explorer may terminate abnormally.

Extended Description

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the user's account and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

Affected Products

• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• HP Storage Management Appliance 2.1
• HP Storage Management Appliance I
• HP Storage Management Appliance II
• HP Storage Management Appliance III
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1
• Microsoft Internet Explorer 7.0
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 200I
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 702T
• Nortel Networks CallPilot 703T
• Nortel Networks Contact Center Administration
• Nortel Networks Contact Center Express
• Nortel Networks Contact Center Manager
• Nortel Networks Contact Center Manager Server
• Nortel Networks Contact Center Multimedia
• Nortel Networks Contact Center NCC
• Nortel Networks Enterprise VoIP TM-CS1000
• Nortel Networks Multimedia Comm MCS5100
• Nortel Networks Multimedia Comm MCS5200
• Nortel Networks Multiservice Data Manager
• Nortel Networks Self-Service MPS 100
• Nortel Networks Self-Service MPS 1000
• Nortel Networks Self-Service MPS 500
• Nortel Networks Self-Service Peri Application
• Nortel Networks Self-Service Peri Workstation
• Nortel Networks Self-Service Speech Server
• Nortel Networks UMTS Null
• Nortel Networks W-NMS-CNM 1.0
• Nortel Networks W-NMS-UMTS 4.2

References

• BugTraq: 26816
• CVE: CVE-2007-3903