HighMicrosoft Windows Knowledge Base Article 974455 update is not installed on the system, which could allow an attacker to exploit the following vulnerabilities:
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by an error when processing data stream headers. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by the improper validation of arguments under specific circumstances. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by an error when attempting to access a deleted or uninitialized object. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by an error when attempting to access a deleted or uninitialized object. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS09-054. See References.
Microsoft Security Bulletin MS09-054
Cumulative Security Update for Internet Explorer (974455)
http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx
IBM Internet Security Systems X-Force Database
Microsoft Internet Explorer data stream headers code execution
http://xforce.iss.net/xforce/xfdb/53538
IBM Internet Security Systems X-Force Database
Microsoft Internet Explorer arguments code execution
http://xforce.iss.net/xforce/xfdb/53539
IBM Internet Security Systems X-Force Database
Microsoft Internet Explorer uninitialized code execution
http://xforce.iss.net/xforce/xfdb/53542
IBM Internet Security Systems X-Force Database
Microsoft Internet Explorer uninitialized object code execution
http://xforce.iss.net/xforce/xfdb/53543
ISS X-Force
Microsoft Windows Knowledge Base Article 974455 update is not installed
http://www.iss.net/security_center/static/53544.php
CVE CVE-2009-2531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2531
CVE CVE-2009-2530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2530
CVE CVE-2009-1547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1547
CVE CVE-2009-2529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2529
