|
|
|
Vulnerability Note VU#813208Microsoft Internet Explorer does not properly render input type tagOverviewMicrosoft Internet Explorer (IE) does not properly render an input type tag, allowing a remote attacker to cause a denial of service.I. DescriptionMicrosoft Security Bulletin MS03-032 briefly describes...a flaw in the way Internet Explorer renders Web pages that could cause the browser or Outlook Express to fail. Internet Explorer does not properly render an input type tag. A user visiting an attacker's Web site could allow the attacker to exploit the vulnerability by viewing the site. In addition, an attacker could craft a specially formed HTML based e-mail that could cause Outlook Express to fail when the e-mail was opened or previewed. II. ImpactBy convincing a victim to view a specially crafted HTML document (web page, HTML email) , a remote attacker could cause a denial of service.III. SolutionApply patchApply 822925 or a more recent cumulative patch for IE. See Microsoft Security Bulletin MS03-032.
References
This vulnerability was reported by Microsoft. This document was written by Art Manion.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||