AOL Time Warner Information for VU#932283

Microsoft Internet Explorer HTML rendering engine contains buffer overflow processing SRC attribute of HTML <EMBED> directive

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

In testing, the CERT/CC found that AOL 7.0 software may install a customized version of Internet Explorer 5.5 (5.50.4134.600IS). This version of Internet Explorer does not seem to be vulnerable. However, AOL 7.0 software on a system running Internet Explorer 5.5 SP2 (5.50.4807.2300) does appear to be vulnerable.

If you have feedback, comments, or additional information about this vulnerability, please send us email.