Internet Explorer IFRAME buffer overflow

2006-05-03T00:00:00
ID SAINT:A01CFAB632B0126E404B178041624043
Type saint
Reporter SAINT Corporation
Modified 2006-05-03T00:00:00

Description

Added: 05/03/2006
CVE: CVE-2004-1050
BID: 11515
OSVDB: 11337

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A buffer overflow when processing the **name** attribute in an **IFRAME** tag allows command execution when a malformed web page is loaded.

Resolution

Apply the update referenced in Microsoft Security Bulletin 04-040 or a later cumulative Internet Explorer update.

References

<http://www.kb.cert.org/vuls/id/842160>

Limitations

Exploit works on Internet Explorer 6. Exploitation requires a user to load the exploit into Internet Explorer.

Platforms

Windows