Published: 2006-07-10 16:05:00
Revised: 2008-09-05 17:07:14

[Original] Microsoft Internet Explorer 6.0 and 6.0 SP1 allow remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

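[CNNVD] Microsoft Internet Explorer Href Title Denial of Service Vulnerability (CNNVD-200607-118)

Microsoft Internet Explorer 6.0 and 6.0 SP1 allow remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute.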

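- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interruptions in resource availability]
Access complexity: LOW [no access restrictions for exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]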

- CPE (Affected Platforms and Products)

cpe:/a:microsoft:ie:6.0    Microsoft Internet Explorer 6.0

- OVAL (Technical Details for Detection)


- Official Database Links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other Links and Resources
(UNKNOWN)  BID  18820

- Vulnerability Information

Microsoft Internet Explorer Href Title Denial of Service Vulnerability
Medium risk    Other
2006-07-10 00:00:00 2006-07-12 00:00:00
Microsoft Internet Explorer 6.0 and 6.0 SP1 allow remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute.

- Advisories and Patches


- Vulnerability Information (F48563)

Ubuntu Security Notice 322-1 (PacketStormID:F48563)
2006-07-26 00:00:00
advisory,remote,web,denial of service

Ubuntu Security Notice 322-1 - A Denial of Service vulnerability has been reported in the replaceChild() method in KDE's DOM handler. A malicious remote web page could exploit this to cause Konqueror to crash.

Ubuntu Security Notice USN-322-1              July 24, 2006
kdelibs vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  kdelibs                                  4:3.4.0-0ubuntu3.6

Ubuntu 5.10:
  kdelibs                                  4:3.4.3-0ubuntu2.1

Ubuntu 6.06 LTS:
  kdelibs                                  4:3.5.2-0ubuntu18.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A Denial of Service vulnerability has been reported in the replaceChild()
method in KDE's DOM handler. A malicious remote web page could exploit
this to cause Konqueror to crash.

Updated packages for Ubuntu 5.04:


Updated packages for Ubuntu 5.10:


Updated packages for Ubuntu 6.06 LTS:


- Vulnerability Information

Microsoft IE A Tag Long Title Attribute DoS
Remote / Network Access Denial of Service
Loss of Availability Upgrade
Exploit Public

- Vulnerability Description

Microsoft Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when a user accesses a maliciously crafted web page that contains a long title attribute on an A tag, and will result in loss of availability for the browser.

- Timeline

2006-07-04 Unknown
Unknown Unknown

- Solution

Upgrade to version 7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related References

- Vulnerability Author