Microsoft Windows Knowledge Base Article 947864 update not installed (WinMs08kb947864Update)

Vuln ID: 41477
Risk Level: Low risk vulnerability  Low WinMs08kb947864Update
Platforms: Microsoft Internet Explorer: 5.01, Microsoft Internet Explorer: 6, Microsoft Internet Explorer: 6 SP1, Microsoft Internet Explorer: 7
Description:

Microsoft Windows Knowledge Base Article 947864 update is not installed on the system, which could allow an attacker to exploit the following vulnerability:

Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of specially-crafted data streams. By persuading a victim to visit a malicious Web page, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS08-024. See References.
False Positives:
False Negatives:
Required Permission: Windows login
Additional Information:

References:

Microsoft Security Bulletin MS08-024
Cumulative Security Update for Internet Explorer (947864)
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

IBM Internet Security Systems X-Force Database
Microsoft Internet Explorer data stream code execution
http://xforce.iss.net/xforce/xfdb/41476

ISS X-Force
Microsoft Windows Knowledge Base Article 947864 update not installed
http://www.iss.net/security_center/static/41477.php

CVE CVE-2008-1085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1085
X-Force Logo
Know Your Risks		 Mitre.org CVE Logo
Common Vulnerabilties & Exposures