Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft Internet Explorer HTML Document Directive Buffer Overflow Vuln.

Microsoft Internet Explorer HTML Document Directive Buffer Overflow Vuln.

by Nikola Strahija on February 13th, 2002 Due to a flaw in IE's implementation of an HTML directive, it is possible for a remote attacker to execute arbitrary code on a user's system.


MSIE supports a directive to embed document files in webpages. A buffer overflow condition exists in this feature that may allow for remote attackers to execute arbitrary code on client systems. This vulnerability may be exploited to execute arbitrary code through a maliciously constructed webpage or HTML email. Any arbitary code will be executed within the security context of the user running the client.

Successful exploitation of this issue could result in a compromise of the host.

Remote: Yes
Exploit: There is no exploit.
Solution: Microsoft has released a patch which addresses this issue:


Microsoft Internet Explorer 5.01:
Microsoft Internet Explorer 5.0.1SP2:

Microsoft Patch q316059_IE 5.01
http://download.microsoft.com/download/ie501sp2/secpac25/5.01_sp2/NT5/EN-US/q316059.exe

Microsoft Internet Explorer 5.0.1SP1:
Microsoft Internet Explorer 5.5SP2:

Microsoft Patch q316059_IE 5.5SP2
http://download.microsoft.com/download/ie55sp2/secpac25/5.5_sp2/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 5.5SP1:

Microsoft Patch q316059_IE 5.5SP1
http://download.microsoft.com/download/ie55sp1/secpac25/5.5_sp1/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 5.5:
Microsoft Internet Explorer 6.0:

Microsoft Patch q316059_IE6
http://download.microsoft.com/download/IE60/secpac25/6/W98NT42KMeXP/EN-US/q316059.exe



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »