CVE-2004-0842 Information
Description
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability."
Reference
http://marc.info/?l=bugtraq&m=109107496214572&w=2
http://marc.info/?l=full-disclosure&m=109060455614702&w=2
http://marc.info/?l=full-disclosure&m=109102919426844&w=2
http://secunia.com/advisories/12806
http://www.ciac.org/ciac/bulletins/p-006.shtml
http://www.ecqurity.com/adv/IEstyle.html
http://www.kb.cert.org/vuls/id/291304
http://www.securiteam.com/exploits/5NP042KF5A.html
http://www.securityfocus.com/bid/10816
http://www.us-cert.gov/cas/techalerts/TA04-293A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038
https://exchange.xforce.ibmcloud.com/vulnerabilities/16675
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2906
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4169
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5592
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6579