Home :: Forums :: Register :: Sign In :: Links :: Downloads :: Shop
You are not signed in. Please sign in. If you have not registered, please click here.
Go Back Home >> News >> Security
Reload this Page New vulnerability in Internet Explorer -

New vulnerability in Internet Explorer -


Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb   More...
Share:
Sponsors:
Consult has reported a vulnerability in Microsoft Internet Explorer (rated as "Higly critical" by Secunia), which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the "javaprxy.dll" COM object being instantiated incorrectly in Internet Explorer via the object tag. This can be exploited via a malicious web site to cause a memory corruption. Successful exploitation may allow execution of arbitrary code.

The vulnerability has been reported in versions 5.01, 5.5, and 6.0, and Microsoft recommends setting Internet and Local intranet security zone settings to "High".

More information and a proof of concept are available at http://www.sec-consult.com/184.html. Microsoft information, available at http://www.microsoft.com/technet...3144.mspx.

Article submitted by: Taut
Last Update: 07-01-2005
Category: Security

Print | E-mail

Current rating: 5.46 by 92 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely
Comments

Re: New vulnerability in Internet Explorer -

By: Dauthus @ 01:18:09 : 07-08-2005

For the sake of Pete. Maybe Microsoft needs to hire Chatserv, Bob Marion, Raven and Telli to keep up with the IE security. Together they could create an Explorer Sentinel to keep the wolves at bay!

It seems every time I turn around IE has another security hole. It's almost as bad as the new PHP-Nuke releases that come out.


Please register or sign-in to post comments.


Related News Stories

(5,489 reads) 07-05-2008
 · Fusion Security
(11,371 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(10,286 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(11,176 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(10,160 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(11,014 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(10,892 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(10,626 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(13,116 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(9,846 reads) 10-01-2006
 · ipBan Modification