Browser Security Test
Security testing
Scanit offers penetration tests, vulnerability assessments and web application audits.
Scanit offers penetration tests, vulnerability assessments and web application audits.
Learn ethical hacking.
Scanit offers 5-day training on ethical hacking.
Scanit offers 5-day training on ethical hacking.
Internet Explorer XML nested SPAN elements memory corruption (CVE-2008-4844)
Description
Microsoft Internet Explorer has a bug in processing XML documents that contain nested SPAN tags. This bug can be used to make Internet Explorer execute arbitrary code.This vulnerability is being exploited "in the wild". It means that criminal hackers are known to use it to attack computers.
This is an arbitrary code execution vulnerability. It means that it can be used to place a backdoor, a virus or spyware on a vulnerable computer.
Recommendations
If you are using Microsoft Windows we recommend using Windows Update to correct this problem. See also Microsoft Security Bulletin MS08-078 for information about the patch for this problem.If you are not using Microsoft Windows, this result is most probably a false positive. Try running the test for this vulnerability again. If your browser does not crash during the test for this vulnerability, it is not vulnerable.