Home / vulnerabilities Internet Explorer 9 iedvtool.dll NULL Pointer Dereference
Posted on 16 August 2011
Source : packetstormsecurity.org Link
Internet Explorer 9 – Iedvtool.dll Malformed HTML Null Pointer Dereference Vulnerability
August 15, 2011
Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Microsoft Internet Explorer 9.0.8
Date: 10/08/2011
Product: Microsoft Internet Explorer 9.0.8 / Developer Tool F12
Vendor: Notified
Internal Id: MSRC 11623
We have discovered that the product “Internet Explore 9 /Developer Tool F12″ presents a big hole regarding a Remote NULL Pointer Dereference, crashing the application when you run special code.
Vendor Statement:
Microsoft Security Response Center has investigated this issue and it results being a NULL pointer dereference. Based on this, this issue can’t be exploited to execute arbitrary code and it results in a stability bug. This issue will be considered to be resolved in a future release of Internet Explorer.
Remediation:
Microsoft is working to solve this error for next version of Internet Explorer to address this stability issue.
