Microsoft Agent URL Parsing Memory Corruption Vulnerability - agentdpv.dll
Secunia Advisory: SA22896
Release Date: 2007-04-10
Last Update: 2007-04-11
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
OS:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
CVE reference: CVE-2007-1205
Description:
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an error in Microsoft Agent (agentdpv.dll) when processing specially crafted URLs passed as arguments to certain methods.
Successful exploitation allows execution of arbitrary code when a user, for example, visits a malicious website with Internet Explorer.
Solution:
Apply patches.
Windows XP (requires SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=e16ededa-6e8c-40d6-a3c0-d61362411acc
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=23909036-898f-41af-a3de-4a899a15d25d
Credits: discovered by JJ Reyes and Carsten Eiram, Secunia Research.
Changelog:
2007-04-11: Added link to US-CERT.
Original Advisory:
MS07-020 (KB932168):
http://www.microsoft.com/technet/security/Bulletin/MS07-020.mspx
Secunia Research:
http://secunia.com/secunia_research/2006-74/
Other References:
US-CERT VU#728057:
http://www.kb.cert.org/vuls/id/728057
Labels: Advisory, Critical, Microsoft, Vulnerability