Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Remote overflow in MSIE script action handlers (mshtml.dll)
Mar 16 2006 07:22PM
Michal Zalewski (lcamtuf dione ids pl)
This might not come as a surprise, but there appears to be a *very*
interesting and apparently very much exploitable overflow in Microsoft
Internet Explorer (mshtml.dll).
This vulnerability can be triggered by specifying more than a couple
thousand script action handlers (such as onL...
[ more ]
Copyright 2010, SecurityFocus