Cumulative Patch for Internet Explorer - MS02-047

This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and 6.0. In addition, it eliminates the following six newly discovered vulnerabilities:

  • A buffer overrun vulnerability affecting the Gopher protocol handler. This vulnerability was originally discussed in Microsoft Security Bulletin MS02-027, which provided workaround instructions while the patch provided here was being completed.

  • A buffer overrun vulnerability affecting an ActiveX control used to display specially formatted text.

  • A vulnerability involving how Internet Explorer handles an HTML directive that displays XML data.

  • A vulnerability involving how Internet Explorer represents the origin of a file in the File Download Dialogue box.

  • A Cross Domain verification vulnerability that occurs because of improper domain checking in conjunction with the Object tag.

  • A newly reported variant of the "Cross-Site Scripting in Local HTML Resource" vulnerability originally discussed in Microsoft Security Bulletin MS02-023.
News source: Microsoft TechNet

View: More Information

View: Download Page (Q323759)

Report a problem with article
Next Article

Mandrake Linux 9.0 Beta 4

Previous Article

Microsoft Security Bulletin Update: MS02-044, MS02-045, MS02-046, MS02-047

-1 Comments - Add comment

Advertisement