Just in from the folks at Secunia:
Description:
H D Moore has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an integer overflow error in the “setSlice()” method in the “WebViewFolderIcon” ActiveX control. This can be exploited to corrupt memory when e.g. visiting a malicious web site.
Successful exploitation allows execution of arbitrary code.
NOTE: Exploit code is publicly available.
The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.
Solution:
Only allow trusted websites to run ActiveX controls.
Provided and/or discovered by:
H D Moore
Original Advisory:
H D Moore:
http://browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html