Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

Bugtraq ID:	52904
Class:	Design Error
CVE:	CVE-2012-0170
Remote:	Yes
Local:	No
Published:	Apr 10 2012 12:00AM
Updated:	Apr 12 2012 05:50PM
Credit:	Jose Antonio Vazquez Gonzalez working with VeriSign iDefense Labs
Vulnerable:	Microsoft Internet Explorer 7.0 + Microsoft Windows Server 2003 Sp2 X64 + Microsoft Windows Server 2003 SP2 + Microsoft Windows Server 2003 SP2 + Microsoft Windows Server 2003 Sp1 X64 + Microsoft Windows Server 2003 SP1 + Microsoft Windows Server 2003 Itanium SP2 + Microsoft Windows Server 2003 Itanium SP2 + Microsoft Windows Server 2003 Itanium SP1 + Microsoft Windows Server 2003 Itanium 0 + Microsoft Windows Server 2003 x64 SP2 + Microsoft Windows Server 2003 x64 SP2 + Microsoft Windows Server 2008 for 32-bit Systems SP2 + Microsoft Windows Server 2008 for 32-bit Systems SP2 + Microsoft Windows Server 2008 for 32-bit Systems 0 + Microsoft Windows Server 2008 for 32-bit Systems 0 + Microsoft Windows Server 2008 for Itanium-based Systems SP2 + Microsoft Windows Server 2008 for Itanium-based Systems SP2 + Microsoft Windows Server 2008 for Itanium-based Systems 0 + Microsoft Windows Server 2008 for Itanium-based Systems 0 + Microsoft Windows Server 2008 for x64-based Systems SP2 + Microsoft Windows Server 2008 for x64-based Systems SP2 + Microsoft Windows Server 2008 for x64-based Systems R2 + Microsoft Windows Server 2008 for x64-based Systems 0 + Microsoft Windows Server 2008 for x64-based Systems 0 + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista SP2 + Microsoft Windows Vista SP2 + Microsoft Windows Vista SP1 + Microsoft Windows Vista SP1 + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista Enterprise 64-bit edition SP2 + Microsoft Windows Vista Enterprise 64-bit edition SP1 + Microsoft Windows Vista Enterprise 64-bit edition 0 + Microsoft Windows Vista Home Basic 64-bit edition Sp1 X64 + Microsoft Windows Vista Home Basic 64-bit edition SP1 + Microsoft Windows Vista Home Basic 64-bit edition 0 + Microsoft Windows Vista Home Premium 64-bit edition SP2 + Microsoft Windows Vista Home Premium 64-bit edition SP1 + Microsoft Windows Vista Home Premium 64-bit edition 0 + Microsoft Windows Vista x64 Edition SP2 + Microsoft Windows Vista x64 Edition SP2 + Microsoft Windows Vista x64 Edition SP1 + Microsoft Windows Vista x64 Edition SP1 + Microsoft Windows Vista x64 Edition 0 + Microsoft Windows Vista x64 Edition 0 + Microsoft Windows XP 0 + Microsoft Windows XP Embedded SP3 + Microsoft Windows XP Embedded SP3 + Microsoft Windows XP Home SP3 + Microsoft Windows XP Home SP3 + Microsoft Windows XP Home SP2 + Microsoft Windows XP Home SP1 + Microsoft Windows XP Media Center Edition SP3 + Microsoft Windows XP Media Center Edition SP3 + Microsoft Windows XP Professional SP3 + Microsoft Windows XP Professional SP3 + Microsoft Windows XP Professional SP2 + Microsoft Windows XP Professional SP1 + Microsoft Windows XP Professional + Microsoft Windows XP Professional x64 Edition SP3 + Microsoft Windows XP Professional x64 Edition SP2 + Microsoft Windows XP Professional x64 Edition SP2 + Microsoft Windows XP Professional x64 Edition + Microsoft Windows XP Service Pack 3 0 + Microsoft Windows XP Tablet PC Edition SP3 + Microsoft Windows XP Tablet PC Edition SP3 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP3 Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 + Microsoft Windows Server 2003 SP2 + Microsoft Windows Server 2003 Sp1 X64 + Microsoft Windows Server 2003 SP1 + Microsoft Windows XP 0 + Microsoft Windows XP - Gold Home + Microsoft Windows XP - Gold 64-Bit-2002 + Microsoft Windows XP Embedded SP3 + Microsoft Windows XP Embedded SP2 + Microsoft Windows XP Embedded SP1 + Microsoft Windows XP Embedded + Microsoft Windows XP Home SP3 + Microsoft Windows XP Home SP2 + Microsoft Windows XP Home SP1 + Microsoft Windows XP Home + Microsoft Windows XP Media Center Edition SP3 + Microsoft Windows XP Media Center Edition SP2 + Microsoft Windows XP Media Center Edition SP1 + Microsoft Windows XP Media Center Edition + Microsoft Windows XP Professional SP3 + Microsoft Windows XP Professional SP2 + Microsoft Windows XP Professional SP1 + Microsoft Windows XP Professional + Microsoft Windows XP Professional x64 Edition SP3 + Microsoft Windows XP Professional x64 Edition SP2 + Microsoft Windows XP Professional x64 Edition + Microsoft Windows XP Service Pack 3 0 + Microsoft Windows XP Tablet PC Edition SP3 + Microsoft Windows XP Tablet PC Edition SP2 + Microsoft Windows XP Tablet PC Edition SP1 + Microsoft Windows XP Tablet PC Edition Avaya Messaging Application Server 5.2 Avaya Messaging Application Server 5 Avaya Meeting Exchange - Webportal 0 Avaya Meeting Exchange - Web Conferencing Server 0 Avaya Meeting Exchange - Streaming Server 0 Avaya Meeting Exchange - Recording Server 0 Avaya Meeting Exchange - Client Registration Server 0 Avaya Meeting Exchange 5.0 .0.52 Avaya Meeting Exchange 5.2 SP2 Avaya Meeting Exchange 5.2 SP1 Avaya Meeting Exchange 5.2 Avaya Meeting Exchange 5.1 SP1 Avaya Meeting Exchange 5.1 Avaya Meeting Exchange 5.0 SP2 Avaya Meeting Exchange 5.0 SP1 Avaya Meeting Exchange 5.0 Avaya Communication Server 1000 Telephony Manager 4.0 Avaya Communication Server 1000 Telephony Manager 3.0 Avaya CallPilot 5.0 Avaya CallPilot 4.0 Avaya Aura Conferencing 6.0 Standard
Not Vulnerable:

Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

Solution:
The vendor released an advisory along with fixes to address this issue. Please see the references for more information.

Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

References:

• Microsoft Internet Explorer Homepage (Microsoft)
  
• ASA-2012-153 MS12-023 Cumulative Security Update for Internet Explorer (2675157) (Avaya)
  
• Microsoft Security Bulletin MS12-023 - Critical Cumulative Security Update for I (Microsoft)