Internet Explorer 7 security denial of service vulnerability
Various versions of Internet Explorer, including IE7 for Windows XP SP2 and the browser integrated into Windows Vista are vulnerable to exploits targeting a zero-day flaw. Microsoft has confirmed
the existence of the Internet Explorer ActiveX bgColor Property Denial of Service vulnerability reported by Determina Security Research.
“We have confirmed that this issue can be used to cause the instance of Internet Explorer to exit when viewing the specially crafted Web page. We have confirmed that there is no possibility to use the bug to do anything beyond that, e.g. execute code. As such it is more along the lines of a stability issue and would be treated along similar issues reported into Microsoft using the Online Crash Analysis system,” stated a Microsoft representative.
[ Read more ]