July 15, 2003
A CERT Advisory I can Enjoy
CERT advisories can mean a chunk of work, depending on the particular vulnerablity. More often than not they are irrelevant given that my desktop is OS X, Andy's OS is Gentoo Linux, and we're running minimal installs of Solaris or Red Hat Linux on our other machines. Yesterday's CERT advisory is yet another entertaining read.
A buffer overflow vulnerability exists in a shared HTML conversion library used by Internet Explorer (IE) and other Windows applications. By enticing a victim to view an HTML document using IE, an attacker could execute arbitrary code with the victim's privileges or cause IE to crash.
A quick chuckle and I'm back to work.
Posted by mike at July 15, 2003 8:37 AM