VULHUB ™

Due to a flaw in IE's implementation of an HTML directive, it is possible for a remote attacker to execute arbitrary code on a user's system. MSIE supports a directive to embed document files in webpages. A buffer overflow condition exists in this feature that may allow for remote attackers to execute arbitrary code on client systems. This vulnerability may be exploited to execute arbitrary code through a maliciously constructed webpage or HTML email. Any arbitary code will be executed within the security context of the user running the client. Successful exploitation of this issue could result in a compromise of the host.

Due to a flaw in IE's implementation of an HTML directive, it is possible for a remote attacker to execute arbitrary code on a user's system. MSIE supports a directive to embed document files in webpages. A buffer overflow condition exists in this feature that may allow for remote attackers to execute arbitrary code on client systems. This vulnerability may be exploited to execute arbitrary code through a maliciously constructed webpage or HTML email. Any arbitary code will be executed within the security context of the user running the client. Successful exploitation of this issue could result in a compromise of the host.