Skip to main content

Microsoft Internet Explorer Multiple Vulnerabilities( 13 February 2008 )

Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2230 Views

RISK: Medium Risk

1. HTML Rendering Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.

2. Property Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way Internet Explorer handles a property method. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.

3. Argument Handling Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way Internet Explorer handles argument validation in image processing. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.

4. ActiveX Object Memory Corruption Vulnerability

A remote code execution vulnerability exists in a component of Microsoft Fox Pro. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user


Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 6
  • Windows Internet Explorer 7
  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows Vista

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link