Internet Explorer Data Binding Memory Corruption Vulnerability

By admin | Dec 16, 2008
If you are new here, you may want to subscribe to our feed.

Well, another zero day exploit for M$ products – this time a very nasty Internet Explorer vulnerability.

The vulnerability allows a website to exploit execution of arbitrary code.  Here is the advisory from Secunia:

“The vulnerability is caused due to a use-after-free error when composed HTML elements are bound to the same data source. This can be exploited to dereference freed memory via a specially crafted HTML document.”

So, IE versions 5.x, 6.x, and 7.x affected.  No patch.  I would stop using IE personally – at least until this gets cleared up.

No TweetBacks yet. (Be the first to Tweet this post)



Related Posts:

Internet Explorer Extremely Critical Vulnerability
vulnerability has been discovered in Internet Explorer which could allow a malicious person to exploit a vulnerability. This...

Microsoft Excel Repair Mode Vulnerability
And yet again, Secunia has issued an extremely critical security warning. This time it involves a memory corruption issue...

Microsoft Word Unspecified Vulnerability
I love that title. Talk about vague. It seems things are hush hush. But the gist of...

Yahoo Apple Facebook Myspace Security Notes
This past week has seen a little spike in security activity across the web. The biggest ones that will...

Critical Trillian, WinAmp Security Flaws
Heads up for two newly flagged issues if you use either the online instant messaging program "Trillian", and the media...

Leave a Comment

If you would like to make a comment, please fill out the form below.

Name (required)

Email (required)

Website

Comments

Get Adobe Flash playerPlugin by wpburn.com wordpress themes
© 2009 PaulTech Network