MS.IE.Uninitialized.Memory.Corruption

Last Updated Date	May 12, 2009
Release Date	Aug 15, 2008
Severity	Critical
Impact	System compromise.
Description	This indicates an attack attempt against a double-free memory-corruption vulnerability in Microsoft Internet Explorer. The vulnerability is due to the way the application manages certain HTTP responses. It could lead to a crash in the Internet Explorer or to remote code execution.
Affected Products	Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4 Internet Explorer 6 Internet Explorer 7
Recommended Actions	Please refer to the following website for the update or patch: http://www.microsoft.com/technet/security/bulletin/MS08-045.mspx
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2256
Microsoft Bulletin ID	MS08-045 http://www.microsoft.com/technet/security/Bulletin/ms08-045.mspx
Reference/s	http://www.securityfocus.com/bid/30611 (BugTraq) http://www.vupen.com/english/advisories/2008/2349 (FrSIRT)

Reference: VID-15783