Intrusion Prevention

MS.IE.XML.Data.Binding.Memory.Corruption

Description

This indicates an attack attempt to exploit a vulnerability in Microsoft Internet Explorer.
The vulnerability is due to the way Microsoft IE handles HTML files that contain specially crafted XML data. A remote attacker may exploit this to execute arbitrary code.

Affected Products

Microsoft IE 5.01
Microsoft IE 6 SP1
Microsoft IE 6
Microsoft IE 7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/MS08-078.mspx

CVE References

CVE-2008-4844