Microsoft Internet Explorer VML Rect Fill Method Buffer Overflow
Gravedad: Crítico
Identificadores de CVE : CVE-2006-4868,MS06-055
Fecha recomendada: 21 de julio de 2015
Descripción
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1002061
Trend Micro Deep Security DPI Rule Name: 1000776 - Microsoft Internet Explorer VML Rect Fill Method Buffer Overflow
Software y versión afectados
- Microsoft Internet Explorer 5.0.1 SP4
- Microsoft Internet Explorer 6.0
- Microsoft Outlook 2003