This is an attempt to exploit a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML), via the interpreter code in the vgx.dll module.
VML is used to describe how to draw graphics made of objects like lines, ovals and rectangles, with the benefit that the resulting images are rescalable without pixelation. The resulting description can be rendered with Internet Explorer, Outlook and various Microsoft Office applications, all using the same vgx.dll interpreter code.
Due to a bug in this DLL, vgx.dll can be crashed when it tries to interpret VML code that describes a rectangle with a fill pattern method larger than expected. This overwrites an exploitable address on the heap, so that remote code can be injected and executed.
On Sept 18, 2006, security researchers reported that they had discovered this exploit and that it was already being used from a porn website. Very soon after that, the WebAttacker toolkit was updated to include it. The danger from this exploit rapidly became widespread, particularly since no user action is required to activate it, including the case where spammed malicious emails are merely previewed in Outlook.
Microsoft decided to release a special early patch (MS06-055) on 26 September, 2006 to fix this particular problem in vgx.dll.
(CVE-2006-4868)
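A defensive check for the malformed input described above, as an added example that is not part of the original write-up: it flags VML fill elements whose method attribute is far longer than any legitimate value. The 32-character threshold, the class and function names, and the sample documents are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumed threshold: legitimate VML fill methods are short keywords
# (for example "linear" or "sigma"), so anything far longer is suspicious.
MAX_METHOD_LEN = 32


class VmlFillScanner(HTMLParser):
    """Collects fill elements whose method attribute is abnormally long."""

    def __init__(self, max_len=MAX_METHOD_LEN):
        super().__init__(convert_charrefs=True)
        self.max_len = max_len
        self.stack = []      # open elements, used to report the parent shape
        self.findings = []   # (parent_tag, method_length, line_number)

    @staticmethod
    def _local(tag):
        # The namespace prefix is author-chosen ("v:" is only a convention).
        return tag.rsplit(":", 1)[-1]

    def handle_starttag(self, tag, attrs):
        if self._local(tag) == "fill":
            for name, value in attrs:
                if name == "method" and value and len(value) > self.max_len:
                    parent = self.stack[-1] if self.stack else None
                    self.findings.append((parent, len(value), self.getpos()[0]))
        self.stack.append(tag)

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerate unbalanced markup.
        if tag in self.stack:
            while self.stack.pop() != tag:
                pass


def scan_vml(markup, max_len=MAX_METHOD_LEN):
    """Return a list of findings for one HTML or e-mail body."""
    scanner = VmlFillScanner(max_len)
    scanner.feed(markup)
    scanner.close()
    return scanner.findings


# Constructed samples: a normal fill, and one with an oversized method value.
BENIGN = '<v:rect style="width:100pt"><v:fill method="linear sigma"/></v:rect>'
SUSPECT = ('<html><body>\n<v:rect>\n<v:fill method="' + "x" * 300 +
           '"></v:fill>\n</v:rect></body></html>')
```

A mail or web gateway could run `scan_vml` over HTML bodies and quarantine any message or page with a non-empty result.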