[Am-info] Re: CERT Advisory CA-2002-04 Buffer Overflow in Microsoft
Internet Explorer
John J. Urbaniak
jjurban@attglobal.net
Mon, 25 Feb 2002 16:52:14 -0500
Geoffrey wrote:
> Yeah, they put out some good stuff alright...
No, no. The word is "Trustworthy Computing." Gates said it, so all Microsoft
products are trustworthy now. Those that aren't will take a month - then they
will be trustworthy too.
John
>
>
> CERT Advisory wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> > CERT Advisory CA-2002-04 Buffer Overflow in Microsoft Internet Explorer
> >
> > Original release date: February 25, 2002
> > Last revised: --
> > Source: CERT/CC
> >
> > A complete revision history can be found at the end of this file.
> >
> > Systems Affected
> >
> > * Microsoft Internet Explorer
> > * Microsoft Outlook and Outlook Express
> > * Other applications that use the Internet Explorer HTML rendering
> > engine
> >
> >
> > Overview
> >
> > Microsoft Internet Explorer contains a buffer overflow vulnerability
> > in its handling of embedded objects in HTML documents. This
> > vulnerability could allow an attacker to execute arbitrary code on the
> > victim's system when the victim visits a web page or views an HTML
> > email message.
> >
> >
> >