SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Kernel Incorrect Exception Handling Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1016661
SecurityTracker URL:  http://securitytracker.com/id/1016661
CVE Reference:   CVE-2006-3648   (Links to External Site)
Date:  Aug 8 2006
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000 SP4, XP SP2, 2003 SP1; and prior service packs
Description:   A vulnerability was reported in the Windows Kernel. A remote user can cause arbitrary code to be executed on the target user's system.

The kernel does not properly handle exceptions in memory resident applications. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system.

Microsoft credits Matt Miller of Leviathan Security Group working with Ken Johnson with reporting this vulnerability.
Impact:   A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?FamilyId=83e0c6fb-a542-463a-88fd-dc388605a8ae"

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?FamilyId=71e96afc-bc4d-4666-998b-49857007e539"

Microsoft Windows XP Professional x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=a6fe5b95-11d1-42cd-995c-c8cef8a27aef"

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=7d0f888b-df35-40df-baff-0bae2b921aef"

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?FamilyId=df365b0b-f97f-4df1-9105-d81b68a110eb"

Microsoft Windows Server 2003 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=3f750ad5-5bfb-4421-a316-ae66f0557eac"

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms06-051.mspx
Vendor URL:  www.microsoft.com/technet/security/bulletin/ms06-051.mspx (Links to External Site)
Cause:   Boundary error
Underlying OS:  

Message History:   None.

 Source Message Contents
Date:  Tue, 8 Aug 2006 15:21:39 -0400
Subject:  Microsoft Security Bulletin MS06-051: Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)


http://www.microsoft.com/technet/security/bulletin/ms06-051.mspx

CVE-2006-3443
CVE-2006-3648
CVE-2006-3684


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC