Microsoft has released a security bulletin describing multiple vulnerabilities in Internet Explorer 5.01, 5.5 and 6.0. The first issue is a buffer overflow in the Gopher protocol handler. This vulnerability was previously alerted on and is described in further detail in Bugtraq ID 4930 "Multiple Microsoft Product Gopher Client Buffer Overflow Vulnerability". The second issue is described to be a buffer overflow in an ActiveX component used to display specially formatted text. This issue in the Legacy Text Formatting component may enable a remote attacker to execute code on a client system with the privileges of the user running the affected client. The vulnerable component is reportedly not installed by default in current versions of Internet Explorer and was removed from the Microsoft website when the vendor first learned of the issue. The third issue reportedly allows a remote attacker to exploit the browser to read XML data that is located in a known location. The source of the...
Microsoft has released a security bulletin describing multiple vulnerabilities in Internet Explorer 5.01, 5.5 and 6.0. The first issue is a buffer overflow in the Gopher protocol handler. This vulnerability was previously alerted on and is described in further detail in Bugtraq ID 4930 "Multiple Microsoft Product Gopher Client Buffer Overflow Vulnerability". The second issue is described to be a buffer overflow in an ActiveX component used to display specially formatted text. This issue in the Legacy Text Formatting component may enable a remote attacker to execute code on a client system with the privileges of the user running the affected client. The vulnerable component is reportedly not installed by default in current versions of Internet Explorer and was removed from the Microsoft website when the vendor first learned of the issue. The third issue reportedly allows a remote attacker to exploit the browser to read XML data that is located in a known location. The source of the issue is apparently due to how Internet Explorer handles HTTP redirects. An attacker may exploit this issue via a malicious webpage that redirects the browser to access resources on the local filesystem of the client machine. The fourth issue is in how Internet Explorer displays download dialogues to users. It is possible to exploit this condition to misrepresent the source of a file being downloaded to appear as though it is coming from a trusted source, when in fact it originates from an untrusted source. The fifth issue appears to be an issue that was previously alerted on. Further details can be found in the vulnerability record Bugtraq ID 5196 "Microsoft Internet Explorer OBJECT Tag Same Origin Policy Violation Vulnerability". The sixth issue is a variant of the issue described in Microsoft Security Bulletin MS02-023 and Bugtraq ID 4754 Microsoft Internet Explorer Cookie Content Disclosure Vulnerability. It may potentially allow an attacker to cause malicious script code to execute with relaxed Security Zone restrictions.
