Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

PerfectNav Crashes IE

From: "Kaveh Mofidi" <Admin () SecureTarget Net>
Date: Thu, 26 Feb 2004 09:47:06 +0330
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

Secure Target Network (Security Advisory February 25, 2004)

Topic: PerfectNav Crashes IE

Discovery Date: February 24, 2004

Link to Original Advisory: http://securetarget.net/advisory.htm

 

Affected applications and platforms:

Microsoft Internet Explorer 6 Service Pack 1 and older versions

 

Introduction:

PerfectNav is designed to redirect your URL typing errors to

PerfectNav's web page. Bundled with the Free Ad Supported version of

Kazaa Media Desktop 2.6. Likely to be found in software supplied by

eUniverse sites, such as thunderdownloads.com, myfreecursors.com,

cursorzone.com and mycoolscreen.com. Likely to slow performance of

Internet Explorer. Can download and execute arbitrary code as

directed by its controlling server, as an update feature.

All of us knew about Hijackers/Browser Helper Objects; some of them

may hijack your sessions but do you care crashing your web browser by

a single blink?

When you use PerfectNav it is easy to crash your Internet Explorer

(iexplore.exe) by any malformed URL like any thing you like: ? /? .

Run "iexplore.exe ?" or type "?" in your IE address bar and simply

get the error message:

"An error has occurred in Internet Explorer. Internet Explorer will

now close. If you continue to experience problems, please restart

your computer."

 

Exploit:

Easier to exploit than this bug? Just point out any malformed URL on

your target and it will be crashing her/his IE.

 

Workaround:

The easiest way to work around this vulnerability is just removing

PerfectNav from your computer. For information that may help you

prevent this problem from reoccurring, click on the link below.

http://www.pestpatrol.com/msperfectnavsupport.asp

If the problem persists, please contact eUniverse.com Inc. and alert

them of the problem.

Note: To have PestPatrol automatically detect and remove PerfectNav

and its components from your computer, you have to buy PestPatrol!

 

Tested on:

Internet Explorer 6 Service Pack 1 (6.0.2800.1106) on Windows XP

Service Pack 1a

 

Feedback:

Kaveh Mofidi (Admin () SecureTarget Net)

Secure Target Network (Security Consulting/Training Group)

HTTP://SECURETARGET.NET

 

-----BEGIN PGP SIGNATURE-----

Version: PGP 8.0.2

 

iQA/AwUBQDyI0WO1siv41icpEQJxTwCcD3Jm+cGYEnZeYpKp/sfL4uDrgzYAoPIz

J+N/cjVVES/OmbDwpAcM9AR3

=Gsby

-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: