Thursday, November 04, 2004
Serious IE Hole Opens PCs Up to Attacks
Serious IE Hole Opens PCs Up to Attacks - "US-CERT on Wednesday warned of a fresh hole in Internet Explorer that could allow attackers to take control of a PC via an HTML e-mail message or a malicious Web page. The flaw is all the more serious because exploit code has been published on public mailing lists, according to security researchers. 
The flaw, a heap buffer overflow, is in the way IE handles two attributes of the "frame" and "iframe" HTML elements. An exploit currently circulating uses overly long SRC and NAME attributes to cause IE to execute an attacker's shell code, according to US-CERT."
3:14:30 PM    comment []  trackback []  


© Copyright 2004 Elmer Masters .
Last update: 12/1/2004; 5:46:36 PM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "<CONTENT /> v.3" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.