Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
MSIE (mshtml.dll) OBJECT tag vulnerability
Apr 22 2006 11:30PM
Michal Zalewski (lcamtuf dione ids pl)
Perhaps not surprisingly, there appears to be a vulnerability in how
Microsoft Internet Explorer handles (or fails to handle) certain
combinations of nested OBJECT tags. This was tested with MSIE
6.0.2900.2180.xpsp.040806-1825 and mshtml.dll 6.00.2900.2873
At first sight, ...
[ more ]
Copyright 2010, SecurityFocus