| VID |
26121 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (KB891781) for 'Vulnerability in the DHTML Editing Component ActiveX Control' has not been applied. Internet Explorer uses a cross-domain security model to maintain separation between browser frames from different sources. This model is designed to prevent code in one domain from accessing data in a different domain. A cross-domain violation vulnerability exists in the DHTML Editing ActiveX control (dhtmled.ocx), which could allow a remote attacker to execute script on a victim's computer. By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message), an attacker may be able to execute script in the Local Machine Zone. Script that executes in the Local Machine Zone can be used to download and execute arbitrary code.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.microsoft.com/technet/security/bulletin/ms05-013.mspx http://www.kb.cert.org/vuls/id/356600 http://secunia.com/advisories/13482 http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html
* Platforms Affected: Microsoft Internet Explorer 6.0.2900.2180; Microsoft Windows 98, Me; Microsoft Windows 2000 Any version; Microsoft Windows XP Any version; Microsoft Windows XP 64-Bit Any version; Microsoft Windows Server 2003 Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS05-013 at http://www.microsoft.com/technet/security/bulletin/ms05-013.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects which version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2005-0047,CVE-2005-0044 (CVE) |
| Related URL |
12488,12483 (SecurityFocus) |
| Related URL |
19105,19106 (ISS) |
|