|
|
|
![]() |
Vulnerability Note VU#266926Microsoft Internet Explorer contains an integer overflow in the processing of bitmap filesOverviewA vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system.I. DescriptionMicrosoft Internet Explorer (IE) is a web browser. An integer overflow vulnerability has been discovered in the way that Internet Explorer processes bitmap image files. This vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable system by introducing a specially crafted bitmap file.II. ImpactA remote attacker may be able to execute arbitrary code on a vulnerable system by introducing a specially crafted bitmap file. This malicious bitmap image may be introduced to the system via a malicious web page, HTML email, or an email attachment.III. SolutionApply PatchApply a patch as described in Microsoft Security Bulletin MS04-025.
Referenceshttp://www.us-cert.gov/cas/techalerts/TA04-212A.html Thanks to gta@hush.com for reporting this vulnerability. This document was written by Chad R Dougherty.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||