Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability

Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability

Proprietary, non-public, proof-of-concept exploits are currently available for this vulnerability.

Exploits for members of the Immunity Partner's Program are available.

UPDATE (May 15, 2007): This issue is being exploited by the MPack hacker tool. Please see the references for more information.

The following exploits are available:

/data/vulnerabilities/exploits/20096.html
/data/vulnerabilities/exploits/vml.c
/data/vulnerabilities/exploits/20096.pl
/data/vulnerabilities/exploits/20096_jamikazu.txt
/data/vulnerabilities/exploits/20096_XP_SP0_SP1_2K.pl
/data/vulnerabilities/exploits/ie_vml_rectfill.pm
/data/vulnerabilities/exploits/ms06_055_vml_method.rb