Public exploits available
A remote code execution vulnerability exists in the Vector Markup Language (VML) implementation in Microsoft Windows.
An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Technical details (analysis)
An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail that could allow remote code execution if a user visited the Web page or viewed the message. The underlying flaw is a buffer overflow: a VML tag with a particular attribute is processed using a fixed-size buffer that can be overflowed.
Affected applications
Microsoft Internet Explorer 5.x
Microsoft Internet Explorer 6
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6
Not affected: all applications not on the affected applications list.
Release Date: 2006-10-05T00:00:00
Known false positives
No known false positives at this time.
Workarounds
Modify the Access Control List on VGX.DLL to be more restrictive.
Configure Internet Explorer 6 for Microsoft Windows XP Service Pack 2 to disable Binary and Script Behaviors in the Internet and Local Intranet security zone.
Read e-mail messages in plain text format if you are using Outlook 2002 or a later version, or Outlook Express 6 SP1 or a later version, to help protect yourself from the HTML e-mail attack vector.
Block VML Vulnerability Traffic with ISA Server.