Rhino
04-25-2006, 07:56 AM
Secunia Advisory: SA19762
Release Date: 2006-04-25
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x
Description:
Michal Zalewski has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a users system.
The vulnerability is caused due to an error in the processing of certain sequences of nested "object" HTML tags. This can be exploited to corrupt memory by tricking a user into visiting a malicious web site.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.
Solution:
Do not visit untrusted web sites...........http://secunia.com/advisories/19762/
No patch yet.
Release Date: 2006-04-25
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x
Description:
Michal Zalewski has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a users system.
The vulnerability is caused due to an error in the processing of certain sequences of nested "object" HTML tags. This can be exploited to corrupt memory by tricking a user into visiting a malicious web site.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.
Solution:
Do not visit untrusted web sites...........http://secunia.com/advisories/19762/
No patch yet.