• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer HTML Object Memory Corruption Vulnerability

Solution:
Microsoft has released an advisory along with fixes to address this issue. Please see the references for more information.


Microsoft Internet Explorer 7.0

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=B3C2E2FD-1CB9 -491B-937C-053DD59A65BF


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit Itanium Edition (K
  Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003 Service Pack 2 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=97D0D37D-5D76 -4BC3-8CBD-1E3976C82ACF


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=88A26B76-F7DF -45C9-8ED0-7D3CD71C1987


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=8E2125C7-52CB -4052-82A3-2D3C6A953752


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=39B41E4B-3237 -409D-A818-AB0517C5E7CF


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB953838)
  Windows Server 2008
  http://www.microsoft.com/downloads/details.aspx?familyid=4B52FF2F-D2F5 -4C20-B6CF-86D86C56B0F8


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB953838)
  Windows Server 2008
  http://www.microsoft.com/downloads/details.aspx?familyid=DF9814A6-5BE0 -4AC1-A767-A0EAE8D5EE5D


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB953838)
  Windows Vista; Windows Vista Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=13CBA012-DD20 -48F9-8E44-E4CB104C4CAD


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB953838)
  Windows Vista 64-bit Editions Service Pack 1; Windows Vista Business 64-bit edition; Windows Vista Enterprise 64-bit edition; Windows Vista Home Basic 64-bit edition; Windows Vista Home Premium 64-bit edition; Windows Vista Ultimate 64-bit edition
  http://www.microsoft.com/downloads/details.aspx?familyid=EAD919C2-D548 -47B7-9CD6-80F991266428


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB9
  Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003 Service Pack 2 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=1855997E-A3BE -46B1-A0BC-BB55EB0045FE


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90


• Microsoft Cumulative Security Update for Internet Explorer in Windows Server 2008 64-bit Itanium Edition (KB95
  Windows Server 2008 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=FFC3CFCB-73FE -4A6D-9595-E9D7A5B3D3F7

Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 (KB953838)
  Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=AA780735-5928 -4C46-89A4-63A814954796


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB9
  Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003 Service Pack 2 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=1855997E-A3BE -46B1-A0BC-BB55EB0045FE


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E -4B15-AB8D-4FCE44CC0BC2


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=4780B89E-9735 -4D3F-8DEF-34E7337FF604

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=0617A5DD-DCE9 -4DE0-B0A0-CE38EFE13524


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB9
  Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003 Service Pack 2 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=1855997E-A3BE -46B1-A0BC-BB55EB0045FE


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB953838)
  Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 2 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=32A63F52-9FE6 -48E3-BB4E-7D4DDA5E0A90


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP (KB953838)
  Windows XP Service Pack 2; Windows XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=69AF2F30-138E -4B15-AB8D-4FCE44CC0BC2


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB953838)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=4780B89E-9735 -4D3F-8DEF-34E7337FF604