Sunday, April 23, 2006

Microsoft Internet Explorer Nested OBJECT Tag Memory Corruption Vulnerability

Saw this over at SecurityFocus.com:

Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This issue is due to a flaw in the application in handling nested OBJECT tags in HTML content. An attacker could exploit this issue via a malicious web page to potentially execute arbitrary code in the context of the currently logged-in user, but this has not been confirmed. Exploit attempts likely result in crashing the affected application. The issue could also be exploited through HTML email/newsgroup postings, or other applications that employ the affected component.

Microsoft Internet Explorer 6 for Microsoft Windows XP SP2 is reportedly vulnerable to this issue; other versions may also be affected.

See the SF page above for PoCs.

Michal Zalewski is credited with the discovery of this vulnerability

No comments:

Post a Comment