Softpedia
 


July 5th, 2006, 13:15 GMT · By

Microsoft Internet Explorer Heap Overflow Vulnerability



Another vulnerability has been discovered in Internet Explorer. No proof-of-concept code is known to have been published on the Internet, but this does not exclude the possibility that exploit attempts are already in progress. This time the hole in IE resides in the HHCtrl ActiveX control, and it allows remote arbitrary code execution.

Besides executing arbitrary code over the network, an attacker may access the computer over the network and enjoy the same administrator-level privileges.

The vulnerability can be exploited via HTML, and once again brings into focus the security issues raised by the interaction of ActiveX dynamic content controls with Microsoft's browser. The vulnerability in this case resides in the HHCtrl ActiveX control. Specially crafted HTML can be used by a remote user to trigger a heap overflow when an unsuspecting user visits a malicious web site. If arbitrary code is executed on the target system, it will run with the complete privileges of the target user. In such an attack, the management of the heap, or memory pool, is overrun, breaking the allocation and deallocation processes and causing the overflow and the immediate crash of the browser.

So far, Microsoft has not commented in any way on the new vulnerability and has yet to announce a release date for a fix.
