Intrusion Prevention



This indicates a possible attempt to exploit a remote Code Execution vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error in the processing of the "createTextRange()" method call, applied to a radio button control. It can be exploited by using a malicious web site to corrupt memory in a way that allows the program flow to be redirected to the heap.

Affected Products

Microsoft Internet Explorer 5.0, 6.0, 6.0 SP2


System Compromise: Remote code execution.

Recommended Actions

The recently released Internet Explorer 7 Beta 2 Preview is not vulnerable to this exploit. Upgrade or apply patches to earlier Internet Explorer versions.

CVE References