3 matches found
[Full-disclosure] ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
ZDI-06-048: Microsoft Internet Explorer normalize Function Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-048.html December 12, 2006 -- CVE ID: CVE-2006-5581 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 -- TippingPointTM IPS Customer...
CVE-2006-5581
CVE-2006-5581 concerns Microsoft Internet Explorer 6, where parsing certain DHTML script function calls leads to memory corruption via incorrectly created elements. Exploitation requires the user to view a malicious page, enabling remote code execution on vulnerable IE 6 clients. The vulnerabilit...
MS06-072: Cumulative Security Update for Internet Explorer (925454)
The remote host is missing the IE cumulative security update 925454. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. Note that Microsoft has re-released this hotfix as its initial version contained a buffer overflo...