Microsoft Internet Explorer Modal Dialog Zone Bypass Vulnerability (MS04-025)

Vulnerability Details

Vulnerability Summary

Microsoft Internet Explorer is a widely used web browser.
Microsoft Internet Explorer contains a vulnerability that allows cross-zone access; a remote attacker can exploit it to execute malicious script in the Local Machine zone.
An attacker can pass a dynamically created IFrame to a Modal Dialog object, with the call to that object encoded using the Windows Script Encoder (screnc.exe). If a user is lured into opening such a page, malicious script runs in the Local Machine zone context with the user's privileges, which includes downloading and installing malicious programs.
The vulnerability can also be used to access properties of external domains, enabling other kinds of attacks such as obtaining sensitive or private information of the attacker's choosing.
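A detection heuristic for the combination this advisory describes (an encoded script block, a dynamically created IFrame, and a Modal Dialog call in the same page), written as an added example that is not part of the original advisory. It assumes `showModalDialog` as the IE modal-dialog API and the `#@~^` prefix that screnc.exe writes in front of encoded script; the sample HTML is constructed for the test and carries no working payload.

```python
import re
from dataclasses import dataclass, field

# Constructed sample page that chains the three traits named in the advisory.
# The "encoded" body is a dummy string, not real screnc output.
SAMPLE_HTML = """
<html><body>
<script language="JScript.Encode">#@~^AAAAAA==constructed-dummy-body==^#~@</script>
<script>
  var f = document.createElement("IFRAME");
  window.showModalDialog(f);
</script>
</body></html>
"""

SCRIPT_RE = re.compile(r"<script\b([^>]*)>(.*?)</script>", re.I | re.S)
ENCODED_LANG_RE = re.compile(r'language\s*=\s*["\']?(jscript|vbscript)\.encode', re.I)
ENCODED_MARK = "#@~^"  # marker at the start of screnc.exe-encoded script (assumption)
MODAL_RE = re.compile(r"showModalDialog\s*\(", re.I)
DYN_IFRAME_RE = re.compile(r'createElement\s*\(\s*["\']iframe["\']\s*\)', re.I)


@dataclass
class Finding:
    indicators: list = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        # Encoded script on its own was common in legitimate pages of that era;
        # require the modal-dialog plus dynamic-IFrame pattern for a confident hit.
        return "modal_dialog" in self.indicators and "dynamic_iframe" in self.indicators


def scan_html(html: str) -> Finding:
    """Return the sorted list of indicators found in the page's inline script blocks."""
    found = set()
    for attrs, body in SCRIPT_RE.findall(html):
        if ENCODED_LANG_RE.search(attrs) or body.lstrip().startswith(ENCODED_MARK):
            found.add("encoded_script")
        if MODAL_RE.search(body):
            found.add("modal_dialog")
        if DYN_IFRAME_RE.search(body):
            found.add("dynamic_iframe")
    return Finding(sorted(found))
```

Run it over captured HTML from proxy logs or mail attachments; a `suspicious` result is a reason to check whether the 867801 update is installed on the receiving client.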

Vulnerability Advisory

Vendor patch:
Microsoft
———
Microsoft has released a security bulletin (MS04-025) and the corresponding patch:

MS04-025:Cumulative Security Update for Internet Explorer (867801)

Link: http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx

Patch download:

Internet Explorer 6

http://www.microsoft.com/downloads/details.aspx?FamilyId=4C2F8A40-1B88-4F93-98B1-1619DCFD7273&displaylang=en

Internet Explorer 6 Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=06F49985-F19F-4B50-A75F-7636D8BEE576&displaylang=en

Internet Explorer 6 Service Pack 1 (64-Bit Edition)

http://www.microsoft.com/downloads/details.aspx?FamilyId=FCDA580D-9E3B-4B44-BD65-C8D37A0DD62D&displaylang=en

Internet Explorer 6 for Windows Server 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=D86262D9-C66A-4608-8DBE-2492B4AFBC3B&displaylang=en

Internet Explorer 6 for Windows Server 2003 (64-Bit Edition)

http://www.microsoft.com/downloads/details.aspx?FamilyId=1AA8F5A9-71D3-48F7-BB32-F8A4D36C5FB9&displaylang=en

References

Source: US-CERT Technical Alert: TA04-163A
Name: TA04-163A
Link: http://www.us-cert.gov/cas/techalerts/TA04-163A.html

Source: US-CERT Technical Alert: TA04-212A
Name: TA04-212A
Link: http://www.us-cert.gov/cas/techalerts/TA04-212A.html

Source: US-CERT Technical Alert: TA04-184A
Name: TA04-184A
Link: http://www.us-cert.gov/cas/techalerts/TA04-184A.html

Source: US-CERT Vulnerability Note: VU#713878
Name: VU#713878
Link: http://www.kb.cert.org/vuls/id/713878

Source: MS
Name: MS04-025
Link: http://www.microsoft.com/technet/security/bulletin/ms04-025.mspx

Source: umbrella.name
Link: http://umbrella.name/originalvuln/msie/InsiderPrototype/

Source: BUGTRAQ
Name: 20040628 JS.Scob.Trojan Source Code …
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=108852642021426&w=2

Source: FULLDISC
Name: 20040606 Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan)
Link: http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0104.html

Source: FULLDISC
Name: 20040602 180 Solutions Exploits and Toolbars Hacking Patched Users(I.E Exploits)
Link: http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0031.html

Source: 62.131.86.111
Link: http://62.131.86.111/analysis.htm

Source: XF
Name: ie-location-restriction-bypass(16348)
Link: http://xforce.iss.net/xforce/xfdb/16348

Source: BUGTRAQ
Name: 20040621 IE/0DAY -> Insider Prototype
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=108786396622284&w=2

Source: US Government Resource: oval:org.mitre.oval:def:519
Name: oval:org.mitre.oval:def:519
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:519

Source: US Government Resource: oval:org.mitre.oval:def:241
Name: oval:org.mitre.oval:def:241
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:241

Source: US Government Resource: oval:org.mitre.oval:def:207
Name: oval:org.mitre.oval:def:207
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:207

Source: US Government Resource: oval:org.mitre.oval:def:1133
Name: oval:org.mitre.oval:def:1133
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1133
