Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista

Microsoft Internet Explorer DHTML Method Buffer Overflow Vulnerability

Microsoft Internet Explorer is prone to a heap-based buffer overflow vulnerability. This vulnerability is due to a boundary condition error that is exposed when passing data to the 'createControlRange()' DHTML method, resulting in corruption of heap-based memory with attacker-supplied data.

This vulnerability could be exploited to execute arbitrary code in the context of the currently logged in user.







 

Privacy Statement
Copyright 2008, SecurityFocus