SECUNIA ADVISORY ID: SA31375

VERIFY ADVISORY: http://secunia.com/advisories/31375/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
Microsoft Internet Explorer 5.01 - http://secunia.com/product/9/
Microsoft Internet Explorer 6.x - http://secunia.com/product/11/
Microsoft Internet Explorer 7.x - http://secunia.com/product/12366/

DESCRIPTION: Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error may result in uninitialised memory being accessed in certain situations.
2) Another unspecified error may result in uninitialised memory being accessed in certain situations.
3) An error exists in the way Internet Explorer may access an object that has not been correctly initialised or has been deleted. This can be exploited to corrupt memory.
4) Two other unspecified errors may result in uninitialised memory being accessed in certain situations.
5) An error in the way arguments are validated in print preview handling can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

SOLUTION: Apply patches.

-- Windows 2000 SP4 --
Internet Explorer 5.01 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA-4F42-B89D-DB0EE067D65B
Internet Explorer 6 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=AA780735-5928-4C46-89A4-63A814954796

-- Internet Explorer 6 --
Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E-4B15-AB8D-4FCE44CC0BC2
Windows XP SP3: http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E-4B15-AB8D-4FCE44CC0BC2
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=4780B89E-9735-4D3F-8DEF-34E7337FF604
Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9-4DE0-B0A0-CE38EFE13524
Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6-48E3-BB4E-7D4DDA5E0A90
Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=1855997E-A3BE-46B1-A0BC-BB55EB0045FE

-- Internet Explorer 7 --
Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=8E2125C7-52CB-4052-82A3-2D3C6A953752
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=39B41E4B-3237-409D-A818-AB0517C5E7CF
Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=B3C2E2FD-1CB9-491B-937C-053DD59A65BF
Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=88A26B76-F7DF-45C9-8ED0-7D3CD71C1987
Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=97D0D37D-5D76-4BC3-8CBD-1E3976C82ACF
Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=13CBA012-DD20-48F9-8E44-E4CB104C4CAD
Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=EAD919C2-D548-47B7-9CD6-80F991266428
Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=4B52FF2F-D2F5-4C20-B6CF-86D86C56B0F8
Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=DF9814A6-5BE0-4AC1-A767-A0EAE8D5EE5D
Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=FFC3CFCB-73FE-4A6D-9595-E9D7A5B3D3F7

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Yamata Li, Palo Alto Networks.
2) Reported by the vendor.
3) The vendor credits Tavis Ormandy, Google Security Team.
4) The vendor credits Sam Thomas via ZDI along with TippingPoint and ZDI.
5) Reported by the vendor.

ORIGINAL ADVISORY:
MS08-045 (KB953838): http://www.microsoft.com/technet/security/Bulletin/MS08-045.mspx