Codezwiz >> Security >> New vulnerability in Internet Explorer -

Official Server Time: July 7, 2025, 2:49 am EDT

New vulnerability in Internet Explorer -

Del.icio.us

Digg

Google

Spurl

Blink

Furl

Y! MyWeb

Share:

Sponsors:

Consult has reported a vulnerability in Microsoft Internet Explorer (rated as "Higly critical" by Secunia), which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the "javaprxy.dll" COM object being instantiated incorrectly in Internet Explorer via the object tag. This can be exploited via a malicious web site to cause a memory corruption. Successful exploitation may allow execution of arbitrary code.

The vulnerability has been reported in versions 5.01, 5.5, and 6.0, and Microsoft recommends setting Internet and Local intranet security zone settings to "High".

More information and a proof of concept are available at sec-consult.com/184.html. Microsoft information, available at microsoft.com/technet/security/ad...3144.mspx.

Article submitted by: Taut
Last Update: 07-01-2005
Category: Security

Print | E-mail

Current rating: 5.46 by 92 users

Would you recommend this article to a friend?

Not a Chance

Absolutely

Re: New vulnerability in Internet Explorer -

By: Dauthus @ 01:18:09 : 07-08-2005

For the sake of Pete. Maybe Microsoft needs to hire Chatserv, Bob Marion, Raven and Telli to keep up with the IE security. Together they could create an Explorer Sentinel to keep the wolves at bay!

It seems every time I turn around IE has another security hole. It's almost as bad as the new PHP-Nuke releases that come out.

Please register or sign-in to post comments.

(9,741 reads) 07-05-2008

· Fusion Security

(15,358 reads) 06-02-2007

· NukeSentinel(tm)2.5.10 Critical Update

(14,150 reads) 05-07-2007

· NukeSentinel(tm) 2.5.08 Maintainance Release

(15,600 reads) 03-15-2007

· NukeSentinel(tm) 2.5.07 Reissued: Critical Update

(14,096 reads) 03-02-2007

· NukeSentinel(tm) 2.5.06: Critical Update

(14,866 reads) 01-23-2007