Microsoft Windows Vector Markup Language Buffer Overflow
Author: Dave Lewis
More on the patch Tuesday hit parade.
From Secunia:
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system
The vulnerability is caused due to an integer overflow error in the Vector Markup Language (VML) implementation and can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted web page or HTML e-mail.
Successful exploitation allows execution of arbitrary code.
NOTE: According to Microsoft, the vulnerability is being actively exploited.
Tags: Microsoft, Windows Vector, Buffer Overflow, Vulnerability
