Vulnerability Bulletins |
Vulnerabilidad en el procesado de archivos Bitmap en Internet Explorer permite la ejecución remota de código. |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Principiante |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Microsoft |
| Affected software |
Internet Explorer 5.01 Service Pack 2 Internet Explorer 5.01 Service Pack 3 Internet Explorer 5.01 Service Pack 4 Internet Explorer 5.5 Service Pack 2 Internet Explorer 6 Internet Explorer 6 Service Pack 1 Internet Explorer 6 Service Pack 1 (64-Bit Edition) Internet Explorer 6 for Windows Server 2003 Internet Explorer 6 for Windows Server 2003 (64-Bit Edition) |
Description |
|
|
Una vulnerabilidad de desbordamiento de entero ha sido encontrada en Internet Explorer. La vulnerabilidad reside en el manejo de los archivos BMP, concretamente del campo bfOffBits. La explotación de esta vulnerabilidad podría permitir a un atacante remoto la ejecución de código mediante un archivo bitmap especialmente diseñado que la víctima debe visualizar con Internet Explorer. |
|
Solution |
|
|
Actualización de software Microsoft Internet Explorer 5.01 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=507E71EF-076B-43C4-8028-E91FCFAB252B Internet Explorer 5.01 Service Pack 3 http://www.microsoft.com/downloads/details.aspx?FamilyId=7AA6F31D-7350-43F8-B72E-ED9D62577A60 Internet Explorer 5.01 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=862E6914-821A-4C51-985B-C3958FAD3D4C Internet Explorer 5.5 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=E458480C-93F6-454A-A663-FC187C18CD9B Internet Explorer 6 http://www.microsoft.com/downloads/details.aspx?FamilyId=4C2F8A40-1B88-4F93-98B1-1619DCFD7273 Internet Explorer 6 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=06F49985-F19F-4B50-A75F-7636D8BEE576 Internet Explorer 6 Service Pack 1 (64-Bit Edition) http://www.microsoft.com/downloads/details.aspx?FamilyId=FCDA580D-9E3B-4B44-BD65-C8D37A0DD62D Internet Explorer 6 for Windows Server 2003 http://www.microsoft.com/downloads/details.aspx?FamilyId=D86262D9-C66A-4608-8DBE-2492B4AFBC3B Internet Explorer 6 for Windows Server 2003 (64-Bit Edition) http://www.microsoft.com/downloads/details.aspx?FamilyId=1AA8F5A9-71D3-48F7-BB32-F8A4D36C5FB9 |
|
Standar resources |
|
| Property | Value |
| CVE | CAN-2004-0566 |
| BID | 9663 |
Other resources |
|
|
Securitytracker Archives http://www.securitytracker.com/alerts/2004/Feb/1009067.html Microsoft Security Bulletin MS04-025 http://www.microsoft.com/technet/security/Bulletin/MS04-025.mspx |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2004-02-17 |
| 2.0 | Aviso emitido por Microsoft (MS04-025) | 2004-07-31 |