Computer Security

Microsoft Internet Explorer memory corruption
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Microsoft Internet Explorer memory corruption
Published:18.12.2008
Source:MICROSOFT
SecurityVulns ID:9526
Type:client
Level:10/10
Description:Memory corruption leads to code execution. Vulnerability is used in-the-wild for hidden malware installation.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-4844 (Use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a crafted XML document containing nested SPAN elements, as exploited in the wild in December 2008.)
Original documentdocumentCERT, US-CERT Technical Cyber Security Alert TA08-352A -- Microsoft Internet Explorer Data Binding Vulnerability (18.12.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-078 - Critical Security Update for Internet Explorer (960714) (18.12.2008)
Files:Microsoft Security Bulletin MS08-078 - Critical Security Update for Internet Explorer (960714)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server