BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

IE setSlice()

Disclosed July 18, 2006    Fully Patched

Vulnerability Description:

A remote code execution vulnerability exists within Internet Explorer which may allow for a remote attacker to execute arbitrary code under the context of the logged in user. This vulnerability requires minimal user-interaction.

Vendors:

Microsoft

Vulnerable Software/Devices:

Windows 2000
Windows XP
Windows 2003

Vulnerability Severity:

High

Exploit Availability:

N/A

Exploit Impact:

Remote Code Execution
A web browser remote code execution vulnerability has a very high impact since the source of the malicious payload can be any site on the Internet. An even more critical problem is generated when clients are administrators on their local hosts, which would run the malicious payload with Administrator credentials.

BeyondTrust Prevention and Detection:

BeyondTrust's Blink® Personal Edition protects from this vulnerability.
BeyondTrust's Blink® Professional Edition protects from this vulnerability.
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

Patch:
Microsoft Patch - MS06-057

Mitigation:

Since this vulnerability is patched, the primary mitigation for this vulnerability would be to apply MS05-057. However, other mitigation is available by kill-bitting the CLSIDs for the Windows Shell ActiveX (e5df9d10-3b52-11d1-83e8-00a0c90dc849 and 844F4806-E8A8-11d2-9652-00C04FC30871) following the directions of KB240797.

Links:

CVE-2006-3730
First Public PoC Code Disclosure (Denial of Service)

CVE(s):

None

Leave a Reply