Microsoft Internet Explorer multiple security vulnerabilities updated since 14.10.2008
Published:		21.10.2008
Source:		MICROSOFT
SecurityVulns ID:		9361
Type:		remote
Level:		7/10
Description:		Memory corruptions, information hijack, crossite scripting.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		MICROSOFT : Windows Vista
		MICROSOFT : Windows 2008 Server
CVE:		CVE-2008-3476
		CVE-2008-3475
		CVE-2008-3474
		CVE-2008-3473
		CVE-2008-3472
		CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 6 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property.)

Original document		security_(at)_nruns.com, n.runs-SA-2008.008 - Internet Explorer HTML Object Memory Corruption and Remote Code Execution (21.10.2008)
		ifsecure_(at)_gmail.com, Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution (16.10.2008)
		ZDI, [Full-disclosure] ZDI-08-069: Microsoft Internet Explorer componentFromPoint Memory Corruption Vulnerability (15.10.2008)
		MICROSOFT, Microsoft Security Bulletin MS08-058 - Critical Cumulative Security Update for Internet Explorer (956390) (14.10.2008)

Files:		Microsoft Security Bulletin MS08-058 - Critical Cumulative Security Update for Internet Explorer (956390)
Discuss:		Read or add your comments to this news (0 comments)