• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer HTML Objects Memory Corruption Vulnerability

Solution:
Microsoft has released an advisory along with fixes to address this issue. Please see the references for more information.


Microsoft Internet Explorer 7.0

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=B3C2E2FD-1CB9 -491B-937C-053DD59A65BF


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=88A26B76-F7DF -45C9-8ED0-7D3CD71C1987


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=8E2125C7-52CB -4052-82A3-2D3C6A953752


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=39B41E4B-3237 -409D-A818-AB0517C5E7CF


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB953838)
  Windows Server 2008
  http://www.microsoft.com/downloads/details.aspx?familyid=4B52FF2F-D2F5 -4C20-B6CF-86D86C56B0F8


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB953838)
  Windows Server 2008
  http://www.microsoft.com/downloads/details.aspx?familyid=DF9814A6-5BE0 -4AC1-A767-A0EAE8D5EE5D


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB953838)
  Windows Vista; Windows Vista Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=13CBA012-DD20 -48F9-8E44-E4CB104C4CAD


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB953838)
  Windows Vista 64-bit Editions Service Pack 1; Windows Vista Business 64-bit edition; Windows Vista Enterprise 64-bit edition; Windows Vista Home Basic 64-bit edition; Windows Vista Home Premium 64-bit edition; Windows Vista Ultimate 64-bit edition
  http://www.microsoft.com/downloads/details.aspx?familyid=EAD919C2-D548 -47B7-9CD6-80F991266428


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90

Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=AA780735-5928 -4C46-89A4-63A814954796


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E -4B15-AB8D-4FCE44CC0BC2


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=4780B89E-9735 -4D3F-8DEF-34E7337FF604

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E -4B15-AB8D-4FCE44CC0BC2


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=4780B89E-9735 -4D3F-8DEF-34E7337FF604

Microsoft Internet Explorer 5.0.1 SP1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA -4F42-B89D-DB0EE067D65B

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA -4F42-B89D-DB0EE067D65B

Microsoft Internet Explorer 5.0.1 SP2

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA -4F42-B89D-DB0EE067D65B

Microsoft Internet Explorer 5.0.1 SP3

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA -4F42-B89D-DB0EE067D65B

Microsoft Internet Explorer 5.0.1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=1557B93B-ECBA -4F42-B89D-DB0EE067D65B