MS06-023: Microsoft's JScript remote code execution

Published: 2006-06-13
Last Updated: 2006-06-13 17:58:24 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
MS06-023 - KB 917344

A problem in JScript where it releases memory too soon can cause memory corruption and lead to remoee code execution.

The attack vector is web based where visiting malicious contant is sufficint to exploit the browser. This is strongly linked with MS06-021 and Microsoft recommends to install both at the same time.

Obviously it's better not to log in with administrative rights as it makes the impact of these vulnerabilities a lot worse.

Swa Frantzen -- section 66

0 comment(s)


Diary Archives