Vulnerability Note VU#266926
Microsoft Internet Explorer contains an integer overflow in the processing of bitmap files
A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system.
Microsoft Internet Explorer (IE) is a web browser. An integer overflow vulnerability has been discovered in the way that Internet Explorer processes bitmap image files. This vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable system by introducing a specially crafted bitmap file.
A remote attacker may be able to execute arbitrary code on a vulnerable system by introducing a specially crafted bitmap file. This malicious bitmap image may be introduced to the system via a malicious web page, HTML email, or an email attachment.
Apply a patch as described in Microsoft Security Bulletin MS04-025.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||16 Feb 2004||30 Jul 2004|
CVSS Metrics (Learn More)
Thanks to firstname.lastname@example.org for reporting this vulnerability.
This document was written by Chad R Dougherty.
- CVE IDs: CAN-2004-0566
- Date Public: 15 Feb 2004
- Date First Published: 30 Jul 2004
- Date Last Updated: 30 Jul 2004
- Severity Metric: 56.11
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.