A vulnerability in the way Microsoft Internet Explorer handles certain script errors may lead to memory corruption that may allow remote execution of arbitrary code.
Microsoft Internet Explorer contains a memory corruption vulnerability that could be exploited when handling script errors. According to Microsoft Security Bulletin MS06-072:
Internet Explorer attempts to access previously freed memory when handling script errors in certain situations.
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
Microsoft has released an update to address this issue. See Microsoft Security Bulletin MS06-072 for more details.
This vulnerability was reported in Microsoft Security Bulletin MS06-072. Microsoft credits Jakob Balle and Carsten Eiram of Secunia Research for reporting this issue.
This document was written by Chris Taschner.
|Date First Published:||2006-12-13|
|Date Last Updated:||2006-12-18 18:31 UTC|