A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system.
Microsoft Internet Explorer (IE) contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contains a buffer overflow vulnerability. This vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable system.
By convincing a user to view an HTML document (e.g., a web page or HTML email message), an attacker could execute arbitrary commands or code with the privileges of the user. The attacker could take any action as the user. If the user has administrative privileges, the attacker could take complete control of the user's system.
Apply a patch
This vulnerability was publicly reported by Microsoft who credits 3APA3A and axle@bytefall working with iDEFENSE
|Date First Published:||2005-04-12|
|Date Last Updated:||2005-04-13 19:31 UTC|