CVE-2010-0805

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 SP4 through 6 SP1

Description A remote code execution issue exists in the way Internet Explorer manages long URLs in certain situations. This could allow an attacker to execute arbitrary code via a specially crafted Web page, potentially gaining the same user rights as the logged-on user. If the user has administrative rights, the attacker could take complete control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Internet Explorer versions 5.01 SP4 through 6 SP1, consider disabling the Tabular Data Control (TDC) ActiveX control as a temporary workaround until a patch is available. Restrict access to specially crafted Web pages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.