Dismiss Notice
Welcome to Our Community
Wanting to join the rest of our members? Feel free to sign up today.

buffer overflow in Internet Explorer 6

Discussion in 'General Marketing' started by Alexandru Ungur, Dec 3, 2004.

  1. Alexandru Ungur

    Alexandru Ungur New Member Webmaster

    - Important update for Internet Explorer 6 -
    Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

    Madrid, December 2 2004 - Microsoft has released an update(*) to resolve a
    buffer overflow in Internet Explorer 6, which could allow attackers to run
    arbitrary code and take control of vulnerable systems.

    The buffer overflow occurs in the handling of the SRC and NAME attributes of
    IFRAME tags. An attacker could exploit a maliciously-crafted HTML document
    which, when viewed, could allow arbitrary code to be run and give the
    attacker remote control of the compromised system.

    According to Microsoft, all versions of Internet Explorer 6 are affected in
    all Windows platforms -except Windows XP with Service Pack 2-, Windows XP
    64-Bit Edition Version 2003, and Windows Server 2003. Given that this is
    being exploited by certain malicious code -such as variants of the W32/Bofra
    worm-, all users whose systems are affected by the vulnerability are advised
    to install the patch.

    (*) More details about the vulnerability, affected versions and the
    downloads of the updates are available in the Microsoft bulletin MS04-040
    at: http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx
  2. Paul_KY

    Paul_KY New Member Webmaster

    "Non-Affected Software:

    • Microsoft Windows XP Service Pack 2"


Featured Resources (View All)

Share This Page