Description: Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
1) An error when parsing certain CSS strings can be exploited to cause a memory corruption when a user e.g. visits a malicious website.
Successful exploitation may allow execution of arbitrary code.
Note: This does not affect Internet Explorer 6 and 7.
2) The tblinf32.dll or vstlbinf.dll ActiveX control implements IObjectsafety incorrectly, which can be exploited to execute arbitrary code when a user e.g. visits a malicious website.
3) An error in the pdwizard.ocx ActiveX control can be exploited to cause a memory corruption when a user e.g. visits a malicious website.
Successful exploitation may allow execution of arbitrary code.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
