Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability

Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability

Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This is related to an error in how double-byte character set (DBCS) characters are handled in Internationalized Domain Names (IDN) included in URLS from rendered HTML content.

An attacker could exploit this issue via a malicious web page to execute arbitrary code in the context of the currently logged-in user. The issue could also be exploited through HTML email/newsgroup postings, or other applications that employ the affected component.

Microsoft has stated that this issue does not apply to Internet Explorer 6.0 on Windows Server 2003 SP1.