http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200203-011

InternetExplorer5.5和6.0版本的mshtml.dll的HTML指令实现存在缓冲区溢出漏洞。远程攻击者借助web页执行任意代码，该漏洞以一种导致2字符编码标准的字符串连接的方式指定嵌入式控制项。

来源:CERT/CCAdvisory:CA-2002-04
名称:CA-2002-04
链接:http://www.cert.org/advisories/CA-2002-04.html
来源:MS
名称:MS02-005
链接:http://www.microsoft.com/technet/security/bulletin/ms02-005.asp
来源:XF
名称:ie-html-directive-bo(8116)
链接:http://www.iss.net/security_center/static/8116.php
来源:BUGTRAQ
名称:20020213dH&SECURITY.NNOV;:bufferoverflowinmshtml.dll
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=101362984930597&w;=2
来源:BID
名称:4080
链接:http://www.securityfocus.com/bid/4080
来源:BUGTRAQ
名称:20020227Detailsandexploitationofbufferoverflowinmshtml.dll(andfewsidenotesonUnicodeoverflowsingeneral)
链接:http://online.securityfocus.com/archive/1/258614
来源:USGovernmentResource:oval:org.mitre.oval:def:925
名称:oval:org.mitre.oval:def:925
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:925