Alternate Entries
journal contact

Monday, February 16, 2004

In case you were wondering if the Microsoft code "release" would produce bad things, wonder no more. It's starting:
A vulnerability was reported in Microsoft Internet Explorer (IE) version 5. A remote user can execute arbitrary code on the target system.

It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.

The author states that this flaw was found by reviewing the recently leaked Microsoft Windows source code. The flaw reportedly resides in 'win2k/private/inet/mshtml/src/site/download/imgbmp.cxx'.

The report indicates that IE 5 is affected but that IE 6 is not affected.

posted by jeev | 1:09 PM |
Click for Oakland, California Forecast
Tasty
gorick
arts and letters daily
dogs and more
I prefer not to
Here, Now
Right here, Right now
The Blank Page
DiRT, ian's doc reviewing tool

Del.icio.us
Miss something?
Where all this comes from

xml(Atom feed for the blog, which is not the Del.icio.us feed)
It's always Friday here
www.flickr.com
Archive
site tools
blogger.com
Hosted by Laughing Squid
haloscan.com
Subscribe with Bloglines
Get Firefox!
Google

Web jeev.org
The Darfur Wall Project