Security Home > Windows 95, 98 & ME

Buffer Overrun In HTML Converter New

A security vulnerability exists in the in-built HTML conversion function in all versions of Microsoft Windows. The flaw could allow an attacker to run code of their choice on the system by sending a malformed e-mail.

Issue

All versions of Microsoft Windows contain support for file conversion within the operating system. This functionality allows users of Microsoft Windows to convert file formats from one to another. In particular, Microsoft Windows contains support for HTML conversion within the operating system. This functionality allows users to view, import, or save files as HTML.

There is a flaw in the way the HTML converter for Microsoft Windows handles a conversion request during a cut-and-paste operation. This flaw causes a security vulnerability to exist. A specially crafted request to the HTML converter could cause the converter to fail in such a way that it could execute code in the context of the currently logged-in user. Because this functionality is used by Internet Explorer, an attacker could craft a specially formed Web page or HTML e-mail that would cause the HTML converter to run arbitrary code on a user's system. A user visiting an attacker’s Web site could allow the attacker to exploit the vulnerability without any other user action.

To exploit this vulnerability, the attacker would have to create a specially-formed HTML e-mail and send it to the user. Alternatively, an attacker would have to host a malicious Web site that contains a Web page designed to exploit this vulnerability. The attacker would then have to persuade a user to visit that site.

Affected Products

  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows Me
  • Microsoft Windows NT 4.0 Server
  • Microsoft Windows NT 4.0 Terminal Server Edition
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Download

Software patches are available from the following locations:

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: July 10, 2003

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<