Microsoft Internet Explorer Stack Overflow Vulnerability


Description   (:A stack overflow vulnerability has been identified in Microsoft Internet Explorer.:A remote attacker could exploit it by inciting their victim to open a specially crafted web page in order to execute code to crash the browser.::This vulnerability stems from a stack exhaustion due to the execution of a VB script.::The vulnerability has not been confirmed.::A proof of concept exists.)
     
Vulnerable Products   Vulnerable Software:
Internet Explorer (Microsoft) - 10, 11, 11.0, 3.0, 3.1, ..., 8.0, 8.0 Beta 1, 8.0 Beta 2, 8.0 RC1, 9.0
     
Solution   No solution for the moment.
     
CVE  
     
References   - Twitter : Bug of the day: #VBScript stack exhaustion
https://twitter.com/berendjanwever/status/644113614635462656
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Web 2.0 : Detection of visual basic script embedded in web page
5.0.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2015-09-16 

 Target Type 
Client 

 Possible exploit 
Remote