Multiple vulnerabilities are reported in Microsoft Internet Explorer

February 19th, 2012 by Stephen Jones Leave a reply »

Multiple vulnerabilities are reported in Microsoft Internet Explorer, which can be exploited to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user’s system.

1) An error exists when handling copy and paste operations. For more information:
SA48031

2) An error when accessing a deleted object within certain HTML layout handling can be exploited to corrupt memory.

3) An error when handling NULL bytes during the creation and initialisation of strings can be exploited to read process memory.

4) An error when accessing a deleted object within VML handling can be exploited to corrupt memory. Successful exploitation of vulnerabilities #2 and #4 allows execution of arbitrary code.

Solution
Apply patches.

Advertisement

Leave a Reply

You must be logged in to post a comment.