Microsoft Internet Explorer Multiple Vulnerabilities( 11 June 2008 )

Last Update Date: 28 Jan 2011 Release Date: 11 Jun 2008 4495 Views

RISK: Medium Risk

Medium Risk

1. HTML Objects Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

2. Request Header Cross-Domain Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way Internet Explorer handles certain request headers. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow the attacker to read data from another Internet Explorer domain.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 6
  • Windows Internet Explorer 7
  • Microsoft Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Bluetooth Vulnerability( 11 June 2008 )

11 Jun 2008 4430 Views

Next

Microsoft Windows WINS Memory Overwrite Vulnerability( 11 June 2008 )

11 Jun 2008 4576 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY