Published: 2006-09-22T05:30+00:00
Last Updated: 2006-09-28T15:40+00:00
TRTA06-262A
Microsoft Internet Explorer VML Buffer Overflow
Overview
Microsoft Internet Explorer (IE) fails to properly handle Vector Markup Language (VML) tags. This creates a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code.
Event Information
| Date (UTC) | Description |
| 2006-09-28 15:15 |
Internet Security Systems AlertCon (2) => (1) |
| 2006-09-27 02:41 |
JPCERT/CC JPCERT-AT-2006-0015: Microsoft Windows VML could allow remote code execution |
| 2006-09-26 23:04 |
US-CERT TA06-262A: Microsoft Internet Explorer VML Buffer Overflow (Update) Update Alert via US-CERT Mailing List |
| 2006-09-26 |
Microsoft Microsoft Security Advisory (922437): Vulnerability in Word Could Allow Remote Code Execution Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-055 to address this issue. |
| 2006-09-26 |
Microsoft MS06-055: Vulnerability in Word Could Allow Remote Code Execution This update resolves a public vulnerability as well as additional issues discovered through internal investigations. |
| 2006-09-25 23:41 |
SANS Internet Storm Center VML vuln being actively exploited Messagelabs has reported that E-cards are being used as an attack vector, exploiting the VML vulnerability in MS Internet Explorer to download malware. |
| 2006-09-25 |
SANS Internet Storm Center Yellow: MSIE VML exploit spreading The VML exploit is now becoming more widespread, so we changed the InfoCon level to yellow to emphasize the need to consider fixes. |
| 2006-09-25 |
MS Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl) a proof-of-concept code for this vulnerability (CVE-2006-4868,VU#416092) #Cid: 20096_XP_SP0_SP1_2K.pl #Tested: Windows XP SP2 + IE6 SP1 #Tested: Windows XP SP1 + IE6 SP1 #Tested: Windows XP SP0 + IE6 #Tested: Windows 2000 SP4 + IE6 SP1 #Tested: Windows 2000 SP4 + IE6 |
| 2006-09-22 16:00 |
Internet Security Systems AlertCon (1) => (2) |
| 2006-09-21 |
MS Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP1) a proof-of-concept code for this vulnerability (CVE-2006-4868,VU#416092) #Cid: 20096.pl #Tested: Windows XP SP1 + IE6 SP1 #Tested: Windows XP SP0 + IE6 #Tested: Windows 2000 SP4 + IE6 SP1 #Tested: Windows 2000 SP4 + IE6 |
| 2006-09-20 18:03 |
Bugtraq vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit a proof-of-concept code for this vulnerability (CVE-2006-4868,VU#416092) #Cid: vml.c #Tested: Windows 2000 Server [CN] + Internet Explorer 6.0 SP1 |
| 2006-09-20 08:41 |
Symantec Trojan.Vimalov: A zero-day exploit in VML, in Internet Explorer |
| 2006-09-20 07:34 |
JPCERT/CC JPCERT-AT-2006-0015: Microsoft Windows VML could allow remote code execution |
| 2006-09-20 |
Trend Micro IE Zero Day + Web Attacker Kit We've just received reports of several sites using the new IE zero-day exploit in conjunction with a Web Attacker kit. |
| 2006-09-19 22:30 |
US-CERT TA06-262A: Microsoft Internet Explorer VML Buffer Overflow Via US-CERT Mailing List |
| 2006-09-19 |
Internet Security Systems Microsoft Internet Explorer Vector Markup Language Exploit Alert |
| 2006-09-19 |
Microsoft Microsoft Security Advisory (922437): Vulnerability in Word Could Allow Remote Code Execution Microsoft has confirmed new public reports of a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML) Microsoft is also aware of the public release of detailed exploit code that could be used to exploit this vulnerability. |
| 2006-09-19 |
SANS Internet Storm Center Yet another MSIE 0-day: VML |
| 2006-09-19 |
MS Internet Explorer (VML) Remote Denial of Service Exploit PoC a proof-of-concept code for this vulnerability (CVE-2006-4868,VU#416092) #Cid: 20096.html |
| 2006-09-18 10:18 |
Sunbelt Software. Seen in the wild: Zero Day exploit being used to infect PCs |
| 2006-09-18 |
Symantec Trojan.Vimalov Exploit for VML Buffer Overrun Vulnerability(bid20096) |