iDefense Security Advisory 12.09.08 -Remote exploitation of a stack buffer overflow vulnerability while handling specific HTML tags in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code within the context of the affected user. As of September 2008, iDefense confirms that Internet Explorer 5.01 on Windows 2000 SP4, is vulnerable. It also causes denial of service for Internet Explorer 6 on Windows XP SP2. Internet Explorer 7 is not affected.
027f86f331e8ec116d59559fda203fd63d14492947a5f9a5df9279c236cc1782