4 matches found
Secunia Research: Internet Explorer Data Stream Handling Vulnerability
====================================================================== Secunia Research 08/04/2008 - Internet Explorer Data Stream Handling Vulnerability - ====================================================================== Table of Contents Affected...
Microsoft IE数据流处理远程代码执行漏洞(MS08-024)
BUGTRAQ ID: 28552 CVECAN ID: CVE-2008-1085 Internet Explorer是微软发布的非常流行的WEB浏览器。 IE在处理数据流时存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 如果用户使用Internet Explorer查看了特制网页,网页就可能返回没有注册处理器的非预期MIME类型数据流,触发释放后使用的情况,导致执行任意代码。帐户被配置为拥有较少用户权限的用户比具有管理用户权限的用户受到的影响要小。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1...
Microsoft Windows DNS客户端可预测事件处理ID漏洞(MS08-020)
BUGTRAQ ID: 28553 CVECAN ID: CVE-2008-1085 Microsoft Windows是微软发布的非常流行的操作系统。 Windows DNS客户端服务在执行DNS查询时,随机选择事件处理值没有提供足够的熵。未经认证的攻击者可以向有漏洞客户端的DNS请求返回恶意响应,欺骗或重新定向合法位置的Internet通讯。 Microsoft Windows XP SP2 Microsoft Windows Vista Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1...
MS08-024: Cumulative Security Update for Internet Explorer (947864)
The remote host is missing the IE cumulative security update 947864. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31797;...