NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
BID:23535
Info
NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
| Bugtraq ID: | 23535 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 17 2007 12:00AM |
| Updated: | Apr 17 2007 08:31PM |
| Credit: | Michal Bucko is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
NetSprint Ask IE Toolbar 1.1 |
| Not Vulnerable: | |
Discussion
NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
NetSprint Ask IE Toolbar ActiveX control is prone to multiple denial-of-service vulnerabilities.
Exploiting these issues allows remote attackers to crash applications that employ the vulnerable controls (typically Microsoft Internet Explorer). Attackers may potentially exploit these issues to execute code, but this has not been confirmed.
NetSprint Ask IE Toolbar 1.1 is vulnerable; other versions may also be affected.
NetSprint Ask IE Toolbar ActiveX control is prone to multiple denial-of-service vulnerabilities.
Exploiting these issues allows remote attackers to crash applications that employ the vulnerable controls (typically Microsoft Internet Explorer). Attackers may potentially exploit these issues to execute code, but this has not been confirmed.
NetSprint Ask IE Toolbar 1.1 is vulnerable; other versions may also be affected.
Exploit / POC
NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
An example exploit has been provided:
An example exploit has been provided:
Solution / Fix
NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
NetSprint Ask IE Toolbar Multiple Denial of Service Vulnerabilities
References:
References:
- NetSprint Toolbar Product Page (NetSprint)
- Q240797: How to Stop an ActiveX Control from Running in Internet Explorer (Microsoft)
- Multiple Ask IE Toolbar denial of service vulnerabilities ("Michal Bucko"
)