Microsoft Internet Explorer HTA file execution
| ie-hta-file-execution (25394) |  High Risk |
Description:
Microsoft Internet Explorer could allow a remote attacker to execute HTA files (HTML Applications) on a victim's system. A remote attacker could exploit this vulnerability by creating a Web page containing specially-crafted HTML that can be used to execute HTA files on a victim's system with the permissions of the victim, once the victim visits the malicious page. It may be possible for an attacker to use this vulnerability to execute arbitrary code and gain complete control over a target system.
Consequences:
Gain Access
Remedy:
Apply the appropriate patch for your system, as listed in the latest Microsoft Security Bulletin. See References.
— OR —
Use Microsoft Automatic Update if it is supported by your operating system. The original bulletin issued by Microsoft has been superseded.
References:
- Internet Security Systems Protection Alert - April 11, 2006: Cumulative Security Update for Internet Explorer.
- jeffrey.vanderstad.net: The grasshopper vulnerability.
- Microsoft Security Bulletin MS06-013: Cumulative Security Update for Internet Explorer (912812).
- Microsoft Security Bulletin MS06-021: Cumulative Security Update for Internet Explorer (916281).
- Microsoft Security Bulletin MS06-042: Cumulative Security Update for Internet Explorer (918899).
- Microsoft Security Bulletin MS06-067: Cumulative Security Update for Internet Explorer (922760).
- Microsoft Security Bulletin MS06-072: Cumulative Security Update for Internet Explorer (925454).
- Microsoft Security Bulletin MS07-016: Cumulative Security Update for Internet Explorer (928090).
- Microsoft Security Bulletin MS07-027: Cumulative Security Update for Internet Explorer (931768).
- Microsoft Security Bulletin MS07-033: Cumulative Security Update for Internet Explorer (933566).
- Microsoft Security Bulletin MS07-045: Cumulative Security Update for Internet Explorer (937143).
- Microsoft Security Bulletin MS07-057: Cumulative Security Update for Internet Explorer (939653).
- Microsoft Security Bulletin MS07-069: Cumulative Security Update for Internet Explorer (942615).
- Microsoft Security Bulletin MS08-010: Cumulative Security Update for Internet Explorer (944533).
- Microsoft Security Bulletin MS08-024: Cumulative Security Update for Internet Explorer (947864).
- Microsoft Security Bulletin MS08-031: Cumulative Security Update for Internet Explorer (950759).
- Microsoft Security Bulletin MS08-045: Cumulative Security Update for Internet Explorer (953838).
- Microsoft Security Bulletin MS08-058: Cumulative Security Update for Internet Explorer (956390).
- US-CERT Technical Cyber Security Alert TA06-101A: Microsoft Windows and Internet Explorer Vulnerabilities.
- ASA-2006-079: Windows Security Updates for April 2006 - (MS06-013 - MS06-017)
- BID-17181: Microsoft Internet Explorer Unspecified Remote HTA Execution Vulnerability
- CVE-2006-1388: Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors.
- OSVDB ID: 24095: Microsoft IE Arbitrary HTA File Execution
- SA19378: Internet Explorer Unspecified Automatic .HTA Application Execution
- SECTRACK ID: 1015800: (Vendor Issues Fix) Microsoft Internet Explorer (IE) Lets Remote Users Cause HTA Files to Be Executed
- US-CERT VU#434641: Microsoft Internet Explorer may automatically execute HTA files
- VUPEN/ADV-2006-1318: Microsoft Internet Explorer Remote Code Execution Vulnerabilities (MS06-013)
Platforms Affected:
- Microsoft Internet Explorer 6.0
- Microsoft Windows 2003 Server Standard
- Microsoft Windows XP Media Center
- Microsoft Windows XP Professional
Reported:
Mar 22, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net