Lucene search
SAINT CorporationSAINT:580A16A959FD7F0F499A49F545FE25DCHistorySep 20, 2006 - 12:00 a.m.
Internet Explorer VML rect fill buffer overflow
2006-09-2000:00:00
SAINT Corporation
download.saintcorporation.com
19
0.18 Low
EPSS
Percentile
96.2%
Added: 09/20/2006
CVE: CVE-2006-4868
BID: 20096
OSVDB: 28946
Background
Vector Markup Language (VML) is an XML-based format for vector graphics.
Problem
A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long **fill** parameter within a **rect** tag.
Resolution
http://www.microsoft.com/technet/security/advisory/925568.mspx
References
<http://www.us-cert.gov/cas/techalerts/TA06-262A.html>
Limitations
Exploit works on Internet Explorer 6.0 and requires a user to load the exploit page in a vulnerable browser.
There may be a delay before the exploit succeeds due to the large amount of memory required on the target.
Platforms
Windows
Related
packetstorm
packetstorm
Internet Explorer VML Fill Method Code Execution
2009-11-26 00:00:00
saint
saint
Internet Explorer VML rect fill buffer overflow
2006-09-20 00:00:00
Internet Explorer VML rect fill buffer overflow
2006-09-20 00:00:00
Internet Explorer VML rect fill buffer overflow
2006-09-20 00:00:00
nvd
nvd
CVE-2006-4868
2006-09-19 19:07:00
CVE-2006-3866
2006-09-19 21:07:00
cvelist
cvelist
CVE-2006-4868
2006-09-19 19:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
cve
cve
CVE-2006-4868
2006-09-19 19:07:00
CVE-2006-3866
2022-10-03 16:21:17
canvas
canvas
Immunity Canvas: MS06_055
2006-09-19 19:07:00
nessus
nessus
cert
cert
Microsoft Internet Explorer VML stack buffer overflow
2006-09-19 00:00:00
symantec
symantec