検索:
ホーム   »     »   New Vulnerability: Microsoft Internet Explorer “createTextRange()” CodeExecution

New Vulnerability: Microsoft Internet Explorer “createTextRange()” CodeExecution

  • 投稿日:2006年3月31日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

A new vulnerability in Microsoft Internet Explorer has been
found by Secunia Research which can allow code execution.

Here is a snippet from Secunia Research.

[snip]

The vulnerability is caused due to an error in the processing of
the “createTextRange()” method call applied on a radio button
control. This can be exploited by e.g. a malicious web site to
corrupt memory in a way, which allows the program flow to be
redirected to the heap.

Successful exploitation allows execution of arbitrary code.

[snip]

We are still searching for the PoC for this and will update you
with more information. In the meantime please do not visit
untrusted web sites to avoid being exploited.


No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.