Welcome to TheBUGS - Security related portal. Search crack, serial number, keygen, patch, activation unlock code  - Internet Explorer 6.x "object" Tag Memory Corruption Vulnerability
Press CTRL-D to bookmark us
Cracks, serial number, activation, unlock code, nocd
Welcome GuestLogin / Register / Members
Merge or split your pdf files ONLINE and FREE
Bookmark us | Set As Homepage | Advertising | Feedback | Recomend us | Link us | Your comments | Gallery | Terms
Security News | Security Library | Forums | Top Sites | Direct Downloads | Cracks / SN | Links | Books |
  -
 Network
 Top sites
 Direct Download Links
 Password Generator
 Cheats
 HackZone.RU - HACK & CRACK & ВЗЛОМ

 
 Forums
 Best Sites

 Full list
 Your site here
 
 Sponsor
 Partners

CrackSpider.NET

CrackTeam.ws

KeyGen.us



Manuals.ws

Mobile-Review.ws

Your link here
 


You are welcome to post comments and suggestions

Copyright 2001-2008 by Freeman
Search in

> TOP10 SECURITY SITES <
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
>> Your site here <<

Top Submit newsSubscribe
Access Control // Auditing // Communication // Computer Crime // Confidentiality // Cryptography // Digital Imaging // Exploit // Gadgets // Hack // Hardware // Incidents // Internet // Intrusion Detection // Linux // Malicious Code // Microsoft Windows // Mobile // Other // PDA // Phreaking // Privacy // Software Updates // Virus // Vulnerability //


Previous articleBack to news listNext article
 
 Sponsored links

Want to become one of our authors and see your work published on TheBUGS ?
 
 Internet Explorer 6.x "object" Tag Memory Corruption Vulnerability
Categorie: Vulnerability
Posted: 2006-05-15 by DiMan
Views: 1955
Source: Click here
 
Current Rating: Not rated
Poor Best
 Details
Description:
Michal Zalewski has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the processing of certain sequences of nested "object" HTML tags. This can be exploited to corrupt memory by tricking a user into visiting a malicious web site.

Successful exploitation may allow execution of arbitrary code, but has not been proven.

NOTE: During analysis, Secunia discovered a variant of this vulnerability and confirmed code execution on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected. Details about this variant will not be publicly disclosed at present, but have been sent to Microsoft, who are currently working on a patch.

Solution:
Do not visit untrusted web sites.

Provided and/or discovered by:
Original issue discovered by:
Michal Zalewski

Code execution variant discovered by:
Andreas Sandblad, Secunia Research.

Changelog:
2006-04-28: Updated "Description" section to clarify that Secunia has successfully exploited the vulnerability.
2006-05-01: Updated "Description" section. During further analysis, it has become clear that the issue successfully exploited by Secunia is a variant of the issue discovered by Michal Zalewski.
2006-05-05: Added CVE reference.

Original Advisory:
Michal Zalewski:


 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://www.thebugs.ws/news/trackback.php?id=1622

User comments (post your comments here)

Only registerd members can post comments and articles
 

Previous articleBack to news listNext article
 

 Last security news  Last forum messages
  • Bluesoleil (general bluetooth) drivers update 2.3.060728...
  • Blu-ray, HD DVD DRM busted...
  • FBI database hacked...
  • Phishing by phone...
  • Microsoft France site cracked...
  • Social networks poised to shape Net's future...
  • Windows Vista Beta 2 Available for Public Download...
  • Hacker Steals Energy Department Employee Data...
  • PQI Introduces 64GB NAND Flash 2.5" Disks...
  • MSIE (mshtml.dll) OBJECT tag vulnerability...

    More news... Submit news RSS
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: * Cast-soft Wysiwyg R37 cracked *
  • Cracks and Serials / Re: impГґt expert 2016
  • Cracks and Serials / Re: Ufile / ImpotExpert 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016

    Go to forums... RSS



  • Ya-Cyt SpyLOG - Спайлог Page Rank Checker