Internet Explorer IFRAME buffer overflow

Added: 05/03/2006
CVE: CVE-2004-1050
BID: 11515
OSVDB: 11337

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A buffer overflow when processing the name attribute in an IFRAME tag allows command execution when a malformed web page is loaded.

Resolution

Apply the update referenced in Microsoft Security Bulletin 04-040 or a later cumulative Internet Explorer update.

References

http://www.kb.cert.org/vuls/id/842160

Limitations

Exploit works on Internet Explorer 6. Exploitation requires a user to load the exploit into Internet Explorer.

Platforms

Windows

Back to exploit index