BetaONE will rise again!


Reply
  #1  
Old 4th Nov 04, 05:00 PM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 30,940
NewsBot will become famous soon enough
Serious IE Hole Opens Pre XP SP2 PCs Up to Attacks
US-CERT on Wednesday warned of a fresh hole in Internet Explorer that could allow attackers to take control of a PC via an HTML e-mail message or a malicious Web page. The flaw is all the more serious because exploit code has been published on public mailing lists, according to security researchers.

The flaw, a heap buffer overflow, is in the way IE handles two attributes of the "frame" and "iframe" HTML elements. An exploit currently circulating uses overly long SRC and NAME attributes to cause IE to execute an attacker's shell code, according to US-CERT. Users could be attacked via a malicious Web page viewed in an affected version of IE or possibly through an HTML e-mail viewed in an application such as Outlook, Outlook Express, AOL or Lotus Notes that relies on the WebBrowser ActiveX control, according to researchers.

View: US-CERT's Vulnerability Note VU#842160

News source: Neowin
Full story: View Here
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PC Makers Seize the Reins of XP SP2 Security NewsBot NeoWin News 0 21st Oct 04 11:00 PM
PC Makers Seize the Reins of XP SP2 Security NewsBot NeoWin News 0 21st Oct 04 12:57 PM


All times are GMT +1. The time now is 07:02 AM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.