Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2671 |
| Message | WEB-CLIENT bitmap BitmapOffset integer overflow attempt |
| Summary | This event is generated when an attempt is made to exploit a known vulnerability in Microsoft Internet Explorer. |
| Impact | A successful attack can cause a buffer overflow and present the attacker with the opportunity to execute code of their choosing on a vulnerable system. |
| Detailed Information | An error in the processing of bitmap images exists in Internet Explorer that can present an attacker with the opportunity to execute code of their choosing on a vulnerable system. The error exists due to poor boundary checking in the processing of bitmap images. |
| Affected Systems | Microsoft Windows using Internet Explorer |
| Attack Scenarios | An attacker would need to supply a malformed bitmap image either in a web page or possibly via HTML email to a victim host. |
| Ease of Attack | Simple, exploits exist. |
| Corrective Action | Upgrade to the latest non-affected version of the software. Apply the appropriate vendor supplied patches. |
| Additional References | Microsoft: http://www.microsoft.com/technet/security/bulletin/ms04-025.mspx |
| Rule References | bugtraq: 9663 cve: 2004-0566 url: www.microsoft.com/technet/security/bulletin/ms04-025.mspx |
--
DID:303219
--
http://www.aanval.com/