Skip navigation

IE Vulnerable to Remote Command Execution

Microsoft Internet Explorer (IE) is vulnerable to a memory corruption error when processing malformed HTML pages containing specially crafted calls to JavaScript "window()" objects and "onload" events. The vulnerability could allow remote intruders to execute arbitrary commands in the security context of the currently logged-on user. Microsoft said that the vulnerability affects IE 5.x and 6.0 running on Windows Server 2003 Service Pack 1 (SP1), Windows XP SP2, Windows 2000 Server SP4, Windows Me, and Windows 98.

For more information, read Microsoft Security Advisory 911302, "Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution."

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.