Critical Flaws in IE are being patched, the culprit: PNG.....
wacky (Registered; 7064)
Posted on: 06-14-2005 21:42.
Client: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412 (KHTML, like Gecko) Safari/412
Message views: 1517 (Score: 0)
The three critical flaws could allow an intruder to take control of a computer, Microsoft said. The problem in IE is a PNG Image Rendering Memory Corruption vulnerability and affects a range of versions, including IE 6 for Windows XP Service Pack 2.
PNG images are similar to JPEGs and used in many multimedia formats. The IE vulnerabilities allows fields to be malformed when reading or processing the image. That can result in a buffer overflow and open the system to a remote attacker.
"The PNG vulnerability is the most significant of the three," said Vincent Weafer, a senior director at Symantec Security Response. "This is a file format flaw and it's not something users are thinking of, which is why they need to watch out for it."
wacky |ˈwakē| (also whacky) adjective ( wackier , wackiest ) informal funny or amusing in a slightly odd or peculiar way
You do not have the required security level to post to this thread.
Report a Bug!