» Yet another vulnerability in Internet Explorer (Network and Computer Security)

August 26, 2006

Yet another vulnerability in Internet Explorer

Filed under: News, Vulnerabilities, Windows — SecuNews @ 11:22 am

Just as Microsoft released on August 8th an IE 6 update to fix multiple vulnerabilities (See Microsoft Security Bulletin MS06-042), the NSFocus security team has found this update does introduce a new vulnerability.

This vulnerability can be exploited remotely by sending an overly-long URL to the browser.

This issue has been assigned the name: CVE-2006-3869

See here for the full details: NSFOCUS Security Advisory (SA2006-08)

See here for the advisory from microsoft and the updated patch: Microsoft Security Bulletin MS06-042.

One Response to “Yet another vulnerability in Internet Explorer”

» Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2 (Network and Computer Security) Says:
September 14th, 2006 at 12:37 pm
[…] Less than 1 month after the discovery of a very serious vulnerability in Internet Explorer, EEyes has just published an advisory concerning a very similar (through different) vulnerability in the lastest IE. […]

You must be logged in to post a comment.

Network and Computer Security

The Network and Computer Security Blog

August 26, 2006

Yet another vulnerability in Internet Explorer

One Response to “Yet another vulnerability in Internet Explorer”

Leave a Reply

Documentation

Security News

Security Sites

Security Tools