Carrie
11-05-2004, 12:15 PM
Tech News World (http://www.technewsworld.com/story/37892.html)
By Robert Jaques
11/05/04
Other programs that use the WebBrowser ActiveX control, including Outlook, AOL and Lotus Notes, could be affected by this hole, US-CERT warned. Hackers exploiting the bug need to convince a user to view a specially crafted HTML document, such as a Web page or an HTML e-mail message, allowing the attacker to execute arbitrary code with the privileges of the user.
The attacker could also cause IE (or the program using the WebBrowser control) to crash.
Security watchdog the U.S. Computer Emergency Readiness Team (US-CERT) has warned Internet Explorer (IE) users to update patches after it discovered a buffer overflow vulnerability that gives hackers local administration rights to execute arbitrary code on compromised PCs.
The so-called heap buffer overflow vulnerability centers on the way IE handles the SRC and Name attributes of Frame and Iframe elements.
Full story (http://www.technewsworld.com/story/37892.html)
By Robert Jaques
11/05/04
Other programs that use the WebBrowser ActiveX control, including Outlook, AOL and Lotus Notes, could be affected by this hole, US-CERT warned. Hackers exploiting the bug need to convince a user to view a specially crafted HTML document, such as a Web page or an HTML e-mail message, allowing the attacker to execute arbitrary code with the privileges of the user.
The attacker could also cause IE (or the program using the WebBrowser control) to crash.
Security watchdog the U.S. Computer Emergency Readiness Team (US-CERT) has warned Internet Explorer (IE) users to update patches after it discovered a buffer overflow vulnerability that gives hackers local administration rights to execute arbitrary code on compromised PCs.
The so-called heap buffer overflow vulnerability centers on the way IE handles the SRC and Name attributes of Frame and Iframe elements.
Full story (http://www.technewsworld.com/story/37892.html)