Internet Explorer createTextRange memory corruption

Added: 03/28/2006
CVE: CVE-2006-1359
BID: 17196
OSVDB: 24050

Background

The createTextRange dynamic HTML method creates a text range object for an HTML element.

Problem

A flaw in the handling of unexpected createTextRange method calls by certain HTML objects could result in command execution.

Resolution

Apply an update from Microsoft when available. See Microsoft Security Advisory 917077 for information on update availability.

References

http://www.microsoft.com/technet/security/advisory/917077.mspx

Limitations

Due to the large amount of memory involved in this exploit, it only works on systems configured with an increased amount of virtual memory. Successful exploitation requires a user to load the URL of the exploit in an affected browser. There may be a delay before the exploit succeeds.

Platforms

Windows XP

Back to exploit index