Secunia Logo  


Secunia PSI WorldMap
 
Internet Explorer Multiple Vulnerabilities
Secunia Advisory: SA12806
Release Date: 2004-10-12
Last Update: 2005-01-25
Popularity: 38,997 views

Critical:
Extremely critical
Impact: Spoofing
Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch

Software:Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.x

Secunia CVSS-2 Score: Available in Secunia business solutions

Subscribe: Instant alerts on relevant vulnerabilities


Advisory Content (Page 2 of 3)[ 1 ] [ 2 ] [ 3 ]

Solution:
Apply patches.

Internet Explorer 5.01 SP3 on Windows 2000 SP3:
http://www.microsoft.com/downloads/de...-924B-1FB1DC1881BA&displaylang=en

Internet Explorer 5.01 SP4 on Windows 2000 SP4:
http://www.microsoft.com/downloads/de...-B88C-A00371F6EC81&displaylang=en

Internet Explorer 5.5 SP2 on Microsoft Windows Me:
http://www.microsoft.com/downloads/de...-86DF-2B71799DA169&displaylang=en

Internet Explorer 6 on Windows XP:
http://www.microsoft.com/downloads/de...-A9D6-7CC6429C547D&displaylang=en

Internet Explorer 6 SP1 on Windows 2000 SP3/SP4, Windows XP, or Windows XP SP1:
http://www.microsoft.com/downloads/de...-9573-DD83F2DFF074&displaylang=en

Internet Explorer 6 SP1 on Windows NT Server 4.0 SP6a, Windows NT Server 4.0 TSE SP6, Windows 98 and SE, or Windows Me:
http://www.microsoft.com/downloads/de...-B8BD-51CFD795B03E&displaylang=en

Internet Explorer 6 for Windows XP SP1 (64-Bit Edition):
http://www.microsoft.com/downloads/de...-BA03-FBBC24142E4D&displaylang=en

Internet Explorer 6 for Windows Server 2003:
http://www.microsoft.com/downloads/de...-A61F-4F82A4014412&displaylang=en

Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003:
http://www.microsoft.com/downloads/de...-A3EA-87D4BF7F9730&displaylang=en

Internet Explorer 6 for Windows XP SP2:
http://www.microsoft.com/downloads/de...-9246-2C2264C49E2E&displaylang=en

Provided and/or discovered by:
3) Greg Jones of KPMG UK and Peter Winter-Smith of Next Generation Security Software.
8) Mitja Kolsek, ACROS Security.
9) John Heasman, Next Generation Security Software.

Changelog:
2004-10-13: Added more information.
2004-10-14: Added more information.
2004-10-20: Added link to US-CERT vulnerability note.
2004-12-07: Added CVE reference.
2005-01-20: Added details about Heartbeat.ocx vulnerability.
2005-01-25: Added additional information about vulnerability #3.

Original Advisory:
MS04-038 (KB834707):
http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx

ACROS Security:
http://www.acrossecurity.com/aspr/ASPR-2004-10-13-1-PUB.txt

NGSSoftware:
http://www.ngssoftware.com/advisories/heartbeatfull.txt
http://www.ngssoftware.com/advisories/msinsengfull.txt

Other References:
SA12048:
http://secunia.com/advisories/12048/

SA12321:
http://secunia.com/advisories/12321/

US-CERT VU#637760:
http://www.kb.cert.org/vuls/id/637760

US-CERT VU#673134:
http://www.kb.cert.org/vuls/id/673134

Change Page:
[ 1 ] [ 2 ] [ 3 ]



Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 4
New vulnerabilities: 17
Updated advisories: 13

Moderately // 59 views
Red Hat update for tomcat
Highly // 84 views
HP-UX update for JRE / JDK
Highly // 74 views
Red Hat update for libvorbis

9th Nov, 2009
New advisories: 6
New vulnerabilities: 23
Updated advisories: 65

Not // 252 views
Debian update for pidgin
Less // 306 views
Debian update for linux-2.6
Less // 248 views
Debian update for drupal6
Highly // 287 views
Debian update for nspr

Solutions | More...  


Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 77 views
2. HP-UX update for JRE / JDK // 72 views
3. CUPS "kerberos" Cross-Site Scripting Vulnerability // 60 views
4. Red Hat update for tomcat // 50 views
5. Red Hat update for libvorbis // 45 views
6. Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability // 36 views
7. Mozilla Firefox Multiple Vulnerabilities // 33 views
8. Linux Kernel 2.4 Multiple Vulnerabilities // 33 views
9. Google Chrome Two Vulnerabilities // 31 views
10. Adobe Flash Player Multiple Vulnerabilities // 28 views