Follow:

Exploit:Win/MSIE.PluginRendering.RCE!CAN-2003-0115

Severity rating
Critical

Class/Type
Exploit

Discovered date
2003-04-23T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
No

Signature detection
Medium



On this page




Description

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script



Impact

An attacker could exploit this vulnerability by hosting a website, constructing a specially formed page, and enticing a user to visit the website If the user visited this web page and clicked on a specially formed link referencing a third party file type, Internet Explorer could allow script to run in the local computer zone.



Technical details (analysis)

Internet Explorer has the capability to render several different file types within the browser window. For instance, Internet Explorer has the ability to render Microsoft Word Document files within a browser windows without the user having to open the Word application itself. This capability is also available for third parties to provide plug-ins to Internet Explorer so that Internet Explorer will recognize file types and display them within a browser window. This vulnerability could allow a malicious web site to supply a visiting user with script that would run in the local computer zone on a user's computer. In order for this vulnerability to be exploited, the attacker would have to attempt to exploit a third party plugin that was installed on the visitng user's system. If the user had not installed third party plugins, or had removed all of them from the system, the vulnerability could not be exploited.



Affected software

Microsoft Internet Explorer 5.01.
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0



Non-affected software

All applications not in the effected list.



References




Solutions




NIS signature

Name: Exploit:Win/MSIE.PluginRendering.RCE!CAN-2003-0115
Release Date: 2003-04-23T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

There are no known workarounds.