norrisa
Member
|
# Posted: 21 Mar 2006 10:39
Reply
Threat Level: Not critical Remotely Exploitable: Yes Locally Exploitable: No Release Date: 3-16-2006
Microsoft is investigating a bug that may cause the browser to crash when viewing a malicious Web page. Details of this vulnerability were released last week. The flaw can be exploited by an attacker to crash IE, Secunia said in an advisory published Monday. The vulnerability is caused due to an array boundary error in the handling of HTML tags with multiple event handlers, said Secunia. The vulnerability was confirmed on a fully patched PC running IE 6 and Windows XP with Service Pack 2. No current patches are available, Microsoft said, it may issue a security advisory or provide a patch through its monthly release process.
References: News.com Secunia
Andrew
|