• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer Arbitrary Program Execution Vulnerability

Solution:
Microsoft has released cumulative patches to address this issue. It should be noted, however, that the cumulative patch does not address the issue described in Microsoft Security Bulletin MS02-009 (ie: BugTraq ID 4158 "Microsoft VBScript Same Origin Policy Violation Vulnerability").


Microsoft Internet Explorer 5.5 SP2

• Microsoft Q319182 IE5.5 SP2
  http://download.microsoft.com/download/ie55sp2/secpac26/5.5_sp2/WIN98M e/EN-US/q319182.exe

Microsoft Internet Explorer 5.5 SP1

• Microsoft Q319182 IE5.5 SP1
  http://download.microsoft.com/download/ie55sp1/secpac26/5.5_sp1/WIN98M e/EN-US/q319182.exe

Microsoft Internet Explorer 6.0

• Microsoft Q319182 IE6
  http://download.microsoft.com/download/IE60/secpac26/6/W98NT42KMeXP/EN -US/q319182.exe

Microsoft Internet Explorer 5.0.1 SP2

• Microsoft Q319182 IE5.01 SP2
  http://download.microsoft.com/download/ie501sp2/secpac26/5.01_sp2/W982 KNT4/EN-US/q319182.exe