>> Microsoft Internet Explorer Multiple Vulnerabilities (MS05-038)
Title : Microsoft Internet Explorer Multiple Vulnerabilities (MS05-038) VUPEN ID : VUPEN/ADV-2005-1353 CVE ID : CVE-2005-1988 - CVE-2005-1989 - CVE-2005-1990 CWE ID : CWE-
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-08-09
Technical Description
Multiple vulnerabilities were identified in Microsoft Internet Explorer, which could be exploited by attackers to execute arbitrary commands.
The first issue is due to a buffer overflow error when processing specially crafted JPEG images, which could be exploited via a malicious Web site or e-mail message to execute arbitrary commands.
The second flaw is due to a cross domain error in the process by which certain URLs are interpreted when browsing from a Web page to a Web folder view using WebDAV, which could be exploited by attackers to disclosure sensitive information or execute arbitrary code.
The third vulnerability is due to a memory corruption error when instantiating certain COM objects as ActiveX controls, which could be exploited by remote attackers to execute arbitrary commands.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
