CERT-In Vulnerability Note CIVN-2006-110
Microsoft Internet Explorer WScript.Shell Object Arbitrary Code Execution Vulnerability

Original Issue Date: November 02, 2006

Severity Rating: High

Systems Affected

Microsoft Internet Explorer 6.0

Overview

A remote code execution vulnerability has been reported in Microsoft Internet Explorer that could be exploited by an attacker to take complete control of the vulnerable system.

Description

The vulnerability is caused by an error in the WScript.Shell object.

An attacker could exploit this vulnerability by hosting specially crafted malicious JavaScript on a website and persuading a user to visit it. The attacker could then execute arbitrary commands on the vulnerable system and, if the user is logged on with administrative privileges, take complete control of the system remotely.

Note that this vulnerability is currently being exploited in the wild.

Workarounds

  • Disable JavaScript in Internet Explorer.
  • Do not follow links from untrusted sources.
  • Use an unprivileged account when browsing the Internet.
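
A check for the first workaround, as an added example (not part of the CERT-In note): it reads a `.reg` export of the Internet Explorer zone settings and reports whether Active scripting (URL action 1400) is disabled in the Internet and Restricted sites zones. The sample export is constructed, the function names are illustrative, and the export is assumed to come from a single hive and to be already decoded to text.

```python
import re

# Internet Explorer stores per-zone security settings under
# ...\Internet Settings\Zones\<n>; value "1400" is the Active scripting action.
SETTING = {0: "enabled", 1: "prompt", 3: "disabled"}
ZONES = {"3": "Internet", "4": "Restricted sites"}  # zones that hold untrusted sites

KEY_RE = re.compile(r"^\[HKEY_[^\]]+\\Internet Settings\\Zones\\(\d)\]$", re.I)
VAL_RE = re.compile(r'^"1400"=dword:([0-9a-f]{8})$', re.I)

def audit_zones(reg_text):
    """Map each untrusted zone to its Active scripting state.

    A zone whose key or 1400 value is absent from the export is 'not set'.
    """
    found = {name: "not set" for name in ZONES.values()}
    zone = None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            # New registry key: track it only if it is a zone we audit.
            m = KEY_RE.match(line)
            zone = ZONES.get(m.group(1)) if m else None
        elif zone:
            m = VAL_RE.match(line)
            if m:
                found[zone] = SETTING.get(int(m.group(1), 16), "unknown")
    return found

def non_compliant(reg_text):
    """Zones where scripting is not explicitly disabled (workaround not applied)."""
    return sorted(z for z, s in audit_zones(reg_text).items() if s != "disabled")

# Constructed sample export (not taken from a real system).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"DisplayName"="Internet"
"1400"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
"DisplayName"="Restricted sites"
"1400"=dword:00000003
'''

if __name__ == "__main__":
    for zone, state in audit_zones(SAMPLE).items():
        print(f"{zone}: Active scripting {state}")
    print("Workaround missing in:", non_compliant(SAMPLE) or "none")
```

Real `.reg` exports are usually UTF-16 encoded, so decode the file before passing its text to `audit_zones`.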

Solution

There is no security patch available from the vendor.

References

Cisco
http://tools.cisco.com/MySDN/Intelligence/viewThreat.x?threatId=5222

Security Focus
http://www.securityfocus.com/bid/20797/info



Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003