Peaches Posted February 18, 2009 Report Share Posted February 18, 2009 Microsoft Internet Explorer Two Code Execution VulnerabilitiesSecunia Advisory: SA33845 Release Date: 2009-02-10 Last Update: 2009-02-11 Critical: Highly critical Impact: System accessWhere: From remote Solution Status: Vendor Patch Software:Microsoft Internet Explorer 7.xDescription:Two vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.1) An error when handling document objects can be exploited to corrupt memory via a specially crafted web page where an object is appended and deleted in a specific order.2) An error exists during parsing of CSS (Cascading Style Sheets) in XHTML strict mode when a style sheet contains a specific combination of style directives (one of them being a "zoom"). This can be exploited to corrupt memory via a specially crafted web page.Successful exploitation of the vulnerabilities allows execution of arbitrary code. Secunia advisories for full details: http://secunia.com/advisories/33845/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.