Intrusion Prevention

MS.IE.ActiveX.Navigate.Method.Access

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Microsoft Internet Explorer.
The vulnerability is located in some ActiveX controls through misuse of navigation methods. An attacker may exploit this to execute arbitrary code, or cause the program to crash.

Affected Products

Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/ms08-073.mspx

CVE References

CVE-2008-4258