web
analytics

Internet Explorer Data Binding Memory Corruption Vulnerability

By December 16, 2008Hacking, Security


style=”display:inline-block;width:336px;height:280px”
data-ad-client=”ca-pub-1263642132905925″
data-ad-slot=”2110030350″>

Well, another zero day exploit for M$ products – this time a very nasty Internet Explorer vulnerability.

The vulnerability allows a website to exploit execution of arbitrary code.  Here is the advisory from Secunia:

“The vulnerability is caused due to a use-after-free error when composed HTML elements are bound to the same data source. This can be exploited to dereference freed memory via a specially crafted HTML document.”

So, IE versions 5.x, 6.x, and 7.x affected.  No patch.  I would stop using IE personally – at least until this gets cleared up.



style=”display:inline-block;width:200px;height:90px”
data-ad-client=”ca-pub-1263642132905925″
data-ad-slot=”6819431556″>

Related Posts:

  • No Related Posts