{"vuid":"VU#718542","idnumber":"718542","name":"Microsoft Agent vulnerable to trusted site spoofing","keywords":["Microsoft Agent","spoofing","890046","MS05-032"],"overview":"Microsoft Agent contains a vulnerability that could allow a remote attacker to spoof trusted Internet content.","clean_desc":"Microsoft Agent is a software extension that enhances user interaction through the use of interactive personalities in the form of animated characters. Applications and web pages can be programmed to invoke Microsoft Agent to make navigation and other tasks easier and more natural for the user. A flaw in Microsoft Agent allows security prompts to be disguised by a Microsoft Agent character. As a result, users could be led to believe that they are accessing trusted Internet content when, in fact, they are accessing malicious Internet content. The user could subsequently be convinced to unintentionally allow the installation of malicious software. A remote attacker with the ability to craft a malicious web page and persuade or trick a user into visiting it could exploit this vulnerability.","impact":"An attacker could spoof trusted Internet content, resulting in the installation of malicious code on the victim system.","resolution":"Apply a patch Microsoft has published Microsoft Security Bulletin MS05-032 in response to this issue. Users are encouraged to review the bulletin and apply the patches it refers to.","workarounds":"Workarounds In addition to the patches referenced above, Microsoft Security Bulletin MS05-032 also contains workaround information to mitigate this issue. Users, particularly those who are unable to apply the patches, should consider implementing these workarounds as appropriate.","sysaffected":"","thanks":"Thanks to Microsoft for reporting this vulnerability. Microsoft, in turn, credits \nMichael Krax\n with discovering and reporting this issue to them.","author":"This document was written by Chad Dougherty based on information provided by Microsoft.","public":["http://www.microsoft.com/technet/security/bulletin/MS05-032.mspx","http://www.ciac.org/ciac/bulletins/p-229.shtml","http://secunia.com/advisories/15689/"],"cveids":["CVE-2005-1214"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-06-14T18:54:47Z","publicdate":"2005-06-14T00:00:00Z","datefirstpublished":"2005-06-14T21:31:47Z","dateupdated":"2005-08-02T18:50:56Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"15","cam_impact":"10","cam_easeofexploitation":"8","cam_attackeraccessrequired":"20","cam_scorecurrent":"9","cam_scorecurrentwidelyknown":"11.25","cam_scorecurrentwidelyknownexploited":"20.25","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.0,"vulnote":null}