Directory of Security Resources

Home > Computers > Software > Internet > Clients > Web > Browsers > Internet Explorer > Security

Sites related to security issues in Microsoft's Internet Explorer web browser.

Resources in This Category

• CERT Advisory: Buffer Overflow in Microsoft Internet Explorer

  http://www.cert.org/advisories/CA-2002-04.html
  Provides an overview and solutions to this vulnerability which, theoretically, affects all applications utilizing the Internet Explorer HTML rendering engine.

• CNET: Buffer-overflow Bug in IE

  http://news.cnet.com/2100-1001-214620.html
  "Microsoft is urging users of its Internet Explorer browser to download a patch for a newly discovered buffer-overflow security bug. The bug takes advantage of the way some versions of the IE browser handle long strings of JScript code."

• Internet Explorer Security Pro

  http://www.mybestsoft.com/iesec/index.html
  Internet Explorer Security is a utility that customizes aspects of the Internet Explorer Web browser.

• Microsoft Internet Explorer 4.x 5.x - Frame Loop Vulnerability

  http://www.ussrback.com/iehole/
  Advisory by USSR: "It is possible to create a malicious webpage that when visited by an IE user all of their system resources are devoured and depending on the system its possible that the machine can even crash and reboot itself."

• Privacy Secrets of MicroSoft's Internet Explorer

  http://phaster.com/unpretentious/browsing_micro$oft.html
  Security and internet privacy issues of Global Histories, Cookies, and Cache while browsing with Mac Explorer 5.0

• The Register: Cumulative IE Patch for Maicious Cookies

  http://www.theregister.co.uk/2002/04/01/cumulative_ie_patch_for_malicious/
  A fairly serious flaw in Internet Explorer which would enable a malicious Web page or e-mail to drop a cookie containing an HTML script on a victim's machine and run it in the 'Local Computer' zone rather than the Internet zone to avoid restrictions has just been patched.

• The Register: IE, Outlook Run Malicious Commands Without Scripting

  http://www.theregister.co.uk/2002/03/04/ie_outlook_run_malicious_commands/
  An attacker can run arbitrary commands on Windows machines with a simple bit of HTML, an Israeli security researcher has demonstrated. The exploit will work with IE, Outlook and Outlook Express even if active scripting and ActiveX are disabled in the browser security settings.

• The Register: MS Security Patch Fails on Local Files

  http://www.theregister.co.uk/2002/04/02/ms_security_patch_fails/
  The MS patch intended to fix a data binding flaw in IE, which enables a script to call executables on your Windows machine using the object tag, does not protect against malicious files launched from a local directory.

• The Register: Three New MS Security Holes - Two Nasty

  http://www.theregister.co.uk/2002/02/22/three_new_ms_security_holes/
  Includes: MSXML may ignore IE security zone settings during a request for data from a Web site; and a VBscript problem which allows an attacker to read files on a victim's local drive, or eavesdrop on his browsing session.

• Windows Security Guide: Internet Explorer

  http://www.pctools.com/guides/security/id/5/
  Descriptions, and patch information, for vulnerabilities affecting various versions of this browser.

Related Categories

• Home > Computers > Software > Internet > Clients > Web > Browsers > Security

 

Home > Computers > Software > Internet > Clients > Web > Browsers > Internet Explorer > Security

 

---

 

Thanks to DMOZ, which built a great web directory for nearly two decades and freely shared it with the web. About us