=====================================================================
                                     CERT-Renater

                          Note d'Information No. 2007/VULN045
_____________________________________________________________________

DATE                      : 14/02/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Internet Explorer.

======================================================================

MS07-016 - Cumulative Security Update for Internet Explorer (928090)

Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP Service Pack 2
    - Microsoft Windows XP Professional x64 Edition
    - Microsoft Windows Server 2003 and Microsoft Windows Server 2003
      Service Pack 1
    - Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft
      Windows Server 2003 with SP1 for Itanium-based Systems
    - Microsoft Windows Server 2003 x64 Edition

Non-Affected Software:
    - Windows Vista

Full MS07-016 advisory:
    http://www.microsoft.com/technet/security/Bulletin/ms07-016.mspx

Vulnerability Details

COM Object Instantiation Memory Corruption Vulnerability - CVE-2006-4697:

    A remote code execution vulnerability exists in the way Internet
    Explorer instantiates COM objects that are not intended to be
    instantiated in Internet Explorer. An attacker could exploit the
    vulnerability by constructing a specially crafted Web page that could
    potentially allow remote code execution if a user viewed the Web page.
    An attacker who successfully exploited this vulnerability could take
    complete control of an affected system.

COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0219:

    A remote code execution vulnerability exists in the way Internet
    Explorer instantiates COM objects that are not intended to be
    instantiated in Internet Explorer. An attacker could exploit the
    vulnerability by constructing a specially crafted Web page that could
    potentially allow remote code execution if a user viewed the Web page.
    An attacker who successfully exploited this vulnerability could take
    complete control of an affected system.

FTP Server Response Parsing Memory Corruption Vulnerability - CVE-2007-0217:

    A remote code execution vulnerability exists in the way Internet
    Explorer interprets certain responses from FTP servers. An attacker
    could exploit the vulnerability by sending specially crafted FTP
    responses in an FTP session to the FTP client included in Internet
    Explorer. An attacker who successfully exploited this vulnerability
    could gain the same user rights as the local user. Users whose
    accounts are configured to have fewer user rights on the system could
    be less impacted than users who operate with administrative user
    rights.

======================================================================

            =========================================================
            Les serveurs de référence du CERT-Renater
            http://www.urec.fr/securite
            http://www.cru.fr/securite
            http://www.renater.fr
            =========================================================
            + CERT-RENATER          | tel : 01-53-94-20-44          +
            + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
            + 75013 Paris           | email: certsvp@renater.fr     +
            =========================================================