SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information

Report a Vulnerability

 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#169753

Buffer Overflow in URLMON.DLL

Overview

A buffer overflow in URLMON.DDL may allow an intruder to execute arbitrary code.

I. Description

URLMON.DLL is a library used by Microsoft Internet Explorer. It contains a buffer overflow that could allow an intruder to execute arbitrary code if the intruder can convince the victim to visit a malicious web page or, in some limited circumstances, open a malicious email message. For more information, see Microsoft Security Bulletin MS03-015.

II. Impact

An intruder could execute arbitrary code with the privileges of the user operating the vulnerable web browser or email client.

III. Solution

Apply a patch as described in MS03-015.

Systems Affected
No Information Available

References

http://www.microsoft.com/technet/security/bulletin/MS03-015.asp
http://msdn.microsoft.com/workshop/networking/pluggable/pluggable.asp

Credit

Thanks to Microsoft Corporation for reporting this vulnerability.

This document was written by Shawn V Hernan based on information provided by Microsoft.

Other Information

Date Public:2003-04-23
Date First Published:2003-04-23
Date Last Updated:2003-04-23
CERT Advisory: 
CVE-ID(s):CAN-2003-0113
NVD-ID(s):CAN-2003-0113
US-CERT Technical Alerts: 
Severity Metric:10.80
Document Revision:8

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2003 Carnegie Mellon University
Disclaimers and copyright information
Get a PDF Reader