=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN373
_____________________________________________________________________

DATE                      : 15/06/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Internet Explorer.

======================================================================

http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx

MS05-025 - Cumulative Security Update for Internet Explorer (883939)

   - Affected Software:
     - Windows 2000 Service Pack 3
     - Windows 2000 Service Pack 4
     - Windows XP Service Pack 1
     - Windows XP Service Pack 2
     - Windows XP 64-Bit Edition Service Pack 1 (Itanium)
     - Windows XP 64-Bit Edition Version 2003 (Itanium)
     - Windows XP Professional x64 Edition
     - Windows Server 2003
     - Windows Server 2003 for Itanium-based Systems
     - Windows Server 2003 with SP1 for Itanium-based Systems
     - Windows Server 2003 x64 Edition

     - Review the FAQ section of bulletin MS05-025 for information
       about these operating systems:
         - Windows 98
         - Windows 98 Second Edition (SE)
         - Windows Millennium Edition (ME)

     - Impact: Remote Code Execution
     - Version Number: 1.0


- From the Microsoft Security Bulletin MS05-025:
	
Vulnerability Details
	
PNG Image Rendering Memory Corruption Vulnerability - CAN-2005-1211

A remote code execution vulnerability exists in Internet Explorer because
of the way that it handles PNG images. An attacker could exploit the
vulnerability by constructing a malicious PNG image that could potentially
allow remote code execution if a user visited a malicious Web site or
viewed a malicious e-mail message. An attacker who successfully exploited
this vulnerability could take complete control of an affected system.
	
XML Redirect Information Disclosure Vulnerability - CAN-2002-0648

An information disclosure vulnerability exists in Internet Explorer because
of the way that it handles certain requests to display XML content. An
attacker could exploit the vulnerability by constructing a malicious Web
page that could potentially lead to information disclosure if a user visited
a malicious Web site or viewed a malicious e-mail message. An attacker who
successfully exploited this vulnerability could read XML data from another
Internet Explorer domain. However, user interaction is required to exploit
this vulnerability.

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================