Microsoft IE Element Tag Uninitialized Memory Corruption

2007-12-11T18:18:44
ID OSVDB:39120
Type osvdb
Reporter Peter Vreugdenhil()
Modified 2007-12-11T18:18:44

Description

Vulnerability Description

A heap overflow exists in Internet Explorer. The handling of document objects may cause the document model in memory to become unstable resulting in a heap overflow. With a specially crafted web page, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Microsoft has released a patch to address this issue.

Short Description

Microsoft IE 6 & 7 Element Tag Uninitialized Memory Corruption

References:

Secunia Advisory ID:28036 Related OSVDB ID: 39118 Related OSVDB ID: 39119 Related OSVDB ID: 39121 Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-075.html Microsoft Security Bulletin: MS07-069 Microsoft Knowledge Base Article: 942615 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0307.html Keyword: Tipping Point IPS ID 5822 CVE-2007-5344