Reported November 11, 2003, by Microsoft.
· Windows Server 2003, 64-Bit Edition
· Windows 2003
· Windows XP, 64-Bit Edition, Version 2003
· XP, 64-Bit Edition
· XP, Service Pack 1 (SP1)
· Windows 2000 SP2, SP3, and SP4
· Windows NT Server 4.0 Terminal Server Edition (WTS) SP6
· NT Server 4.0 SP6a
· NT Workstation 4.0 SP6a
· Windows Me
· Windows 98 Second Edition (Win98SE)
· Windows 98
Internet Explorer (IE) contains five newly discovered vulnerabilities, the most serious of which can result in the execution of arbitrary code under the user’s security context on the vulnerable system. These five vulnerabilities are:
· Three vulnerabilities involve IE's cross-domain security model, which prevents windows of different domains from sharing information. These vulnerabilities can result in the execution of script code in the My Computer zone.
· One vulnerability involves the way zone information is passed to an XML object in IE. This vulnerability can permit an attacker to read local files on a user's system.
· One vulnerability involves a drag-and-drop operation during dynamic HTML (DHTML) events in IE. This vulnerability can permit an attacker to save a file to a target location on the user's system if the user clicks a link.
Microsoft has released security bulletin MS03-048, "Cumulative Security Update for Internet Explorer (824145)," which addresses these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
Discovered by Jelmer.