Main Menu
Home
News Feeds
Blog
Services
Forum
FAQs
Contact Us
Search
Resources
Gallery
Links
Symantec Web-Remote
Chat
User Menu
Arcade Games
Login Form
Username

Password

Remember me
Forgotten your password?
No account yet? Create one
Letterman Subscribe
Keep yourself updated with our FREE newsletters now!

Name

E-Mail Address
Subscribe
Unsubscribe
Syndicate

Serious IE Hole PDF Print E-mail

Serious IE Hole Opens..

Serious IE Hole Opens Pre XP SP2 PCs Up to Attacks

US-CERT on Wednesday warned of a fresh hole in Internet Explorer that could allow attackers to take control of a PC via an HTML e-mail message or a malicious Web page. The flaw is all the more serious because exploit code has been published on public mailing lists, according to security researchers.

The flaw, a heap buffer overflow, is in the way IE handles two attributes of the "frame" and "iframe" HTML elements. An exploit currently circulating uses overly long SRC and NAME attributes to cause IE to execute an attacker's shell code, according to US-CERT. Users could be attacked via a malicious Web page viewed in an affected version of IE or possibly through an HTML e-mail viewed in an application such as Outlook, Outlook Express, AOL or Lotus Notes that relies on the WebBrowser ActiveX control, according to researchers.

Source: eWeek
< Prev
[ Back ]
Security News
ZDNET VideoThe Future Of... Clothes
Where Technology Means Business: ZDNet delivers the best tech news, and resources for IT hardware, software, networking and services. It's the top site for IT managers and tech-savvy business people.
Read more...
Google announces open-source video format WebM

Read more...
iPhone 4 camera features

Read more...
Netflix on the iPhone

Read more...
iMovie comes to the iPhone

Read more...
iPhone 4's new gyroscope

Read more...
iPhone 4 unveiled

Read more...
Cloud panel: Interoperability a mandate for virtualization

Read more...