Microsoft Security Bulletin MS02-047

Cumulative Patch for Internet Explorer (Q323759)

Originally posted: August 22, 2002

Summary

Who should read this bulletin: Customers using Microsoftģ Internet Explorer

Impact of vulnerability: Six new vulnerabilities, the most serious of which could enable an attacker to execute commands on a userís system.

Maximum Severity Rating: Critical

Recommendation: Customers should install the patch immediately.

Affected Software:

Technical details

Technical description:

This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and 6.0. In addition, it eliminates the following six newly discovered vulnerabilities:

In addition, the patch sets the Kill Bit on the MSN Chat ActiveX control discussed in Microsoft Security Bulletin MS02-022 as well as the TSAC ActiveX control discussed in Microsoft Security Bulletin MS02-046. This has been done to ensure that vulnerable controls cannot be introduced onto usersí systems. Customers who use the MSN Chat control should ensure that they have applied the updated version of the control discussed in MS02-022 and customers who use the TSAC control should ensure that they have applied the updated version of the control discussed in MS02-046 .

Mitigating factors:

Buffer Overrun in Gopher Protocol Handler:

Buffer Overrun in Legacy Text Formatting ActiveX Control:

XML File Reading via Redirect:

File Origin spoofing:

Cross Domain Verification in Object Tag:

Variant of Cross-Site Scripting in Local HTML Resource:

Severity Rating:

Buffer Overrun in Gopher Protocol Handler:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Low Low Critical
Internet Explorer 5.5 Low Low Critical
Internet Explorer 6.0 Low Low Critical


Buffer Overrun in Legacy Text Formatting ActiveX Control:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Low Low Critical
Internet Explorer 5.5 Low Low Critical
Internet Explorer 6.0 Low Low Critical


XML File Reading via Redirect:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Low Low Moderate
Internet Explorer 5.5 Low Low Moderate
Internet Explorer 6.0 Low Low Moderate


File Origin Spoofing:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Moderate Moderate Moderate
Internet Explorer 5.5 Moderate Moderate Moderate
Internet Explorer 6.0 Moderate Moderate Moderate


Cross Domain Verification in Object Tag:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 None None None
Internet Explorer 5.5 Moderate Moderate Critical
Internet Explorer 6.0 Moderate Moderate Critical


Variant of Cross-Site Scripting in Local HTML Resource:

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Low Low Moderate
Internet Explorer 5.5 Low Low Moderate
Internet Explorer 6.0 None None None


Aggregate Severity of all issues included in this patch (including issues addressed in previously released patches):

  Internet Servers Intranet Servers Client Systems
Internet Explorer 5.01 Moderate Moderate Critical
Internet Explorer 5.5 Critical Critical Critical
Internet Explorer 6.0 Critical Critical Critical

The above assessment is based on the types of systems affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.

Vulnerability identifiers:
 

Tested Versions:

The following table indicates which of the currently supported versions of Internet Explorer are affected by the vulnerabilities. Versions of IE prior to 5.01 Service Pack 2 are no longer eligible for hotfix support. IE 5.01 SP2 is supported only on Windowsģ 2000.

  IE 5.01 SP2 IE 5.5 SP1 IE 5.5 SP2 IE 6.0
Buffer Overrun in Gopher Protocol Handler (CAN-2002-0646) Yes Yes Yes Yes
Buffer Overrun in Legacy Text Formatting ActiveX Control (CAN-2002-0647) Yes Yes Yes Yes
XML File Reading via Redirect (CAN-2002-0648) Yes Yes Yes Yes
File Origin Spoofing (CAN-2002-0722): Yes Yes Yes Yes
Cross Domain Verification in Object Tag (CAN-2002-0723) No Yes Yes Yes
Variant of Cross-Site Scripting in Local HTML Resource (CAN-2002-0691) Yes Yes Yes No

 

Frequently asked questions

Patch availability

Download locations for this patch

Additional information about this patch

Other information:

Acknowledgments

Microsoft thanks  the following people for working with us to protect customers:

Support:

Security Resources: The Microsoft TechNet Security Web Site provides additional information about security in Microsoft products.

Disclaimer:
The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions: