MS KB2887505: Vulnerability in Internet Explorer Could Allow Remote Code Execution
High Nessus Plugin ID 69931
SynopsisThe remote host is affected by a remote code execution vulnerability.
DescriptionThe remote host is missing one of the workarounds referenced in KB 2887505.
The remote version of Internet Explorer (IE) reportedly has a memory corruption vulnerability related to how IE accesses an object in memory that has been deleted or has not been properly allocated. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
SolutionApply the IE settings workarounds suggested by Microsoft in the advisory, or apply the MSHTML Shim workaround in the Microsoft 'Fix it' solution.