• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer DHTML Method Buffer Overflow Vulnerability

Solution:
Microsoft has released a cumulative update for Internet Explorer to address this and other vulnerabilities. Updates for Internet Explorer on Microsoft Windows 98/98SE/ME may be obtained through Windows Update.

Nortel Networks has released security advisory 2005005511-2 acknowledging this issue. Please see the referenced advisory for more information.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows XP/2000 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=E473CD05-3320 -4322-B437-F3A61E62F567


• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7EAE62C0-3DA0 -4BAC-B2FE-ECE89959053D

Microsoft Internet Explorer 6.0 SP2 - do not use

• Microsoft Cumulative Security Update for Internet Explorer for XP Service Pack 2 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=82056EAB-8367 -4B04-A11A-1002D14EB55B

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4DC0FE8A-9D03 -4AB8-8EAF-C85FF25CB1A2


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB867282)
  http://www.microsoft.com/downloads/details.aspx?familyid=E3C4DA1F-6FA2 -4A2B-A6D9-24B599C353B3&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4C2CBB4B-2F00 -4CD6-BB98-AD14A48B53C0

Microsoft Internet Explorer 5.0.1 SP3

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34F5BCDE-4EE2 -4EFD-BB60-F5A6BC5F56D1