You are here

T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability

January 3, 2011 - 2:38pm

Addthis

PROBLEM:

Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability

PLATFORM:

Microsoft Internet Explorer 8.0.7600.16385

ABSTRACT:

Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8.0.7600.16385 is vulnerable; other versions may also be affected.

reference LINKS:
 

SecurityFocus - Microsoft Internet Explorer
Microsoft Product - Download
Announcing cross_fuzz, a potential 0-day in circulation
 

IMPACT ASSESSMENT:

High

Discussion:

Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions.

Solution:

Currently there are no vendor patches for this problem.

Addthis