Oval Definition:
oval:org.mitre.oval:def:770
Revision Date
:
2014-02-24
Version
:
45
Title
:
IE6,SP1 PNG Image Buffer Overflow
Description
:
Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-1211
Platform(s)
:
Microsoft Windows 2000
Microsoft Windows XP
Product(s)
:
Microsoft Internet Explorer
Definition Synopsis
Software section
Internet Explorer 6 Service Pack 1 is installed
AND
the version of mshtml.dll is less than 6.0.2800.1505 or 6.0.2800.1506
the version of mshtml.dll is less than 6.0.2800.1505 (RTMGDR)
OR
the version of mshtml.dll is less than 6.0.2800.1506 (RTMQFE)
AND
NOT
the patch kb883939 is installed
AND
Configuration section
PNG image rendering enabled in Internet Explorer
BACK