The first issue is due to a memory corruption error when handling
certain script errors, which could be exploited by malicious web sites
to execute arbitrary commands.
The second vulnerability is due to a memory corruption error when
interpreting certain DHTML script function calls to incorrectly created
elements, which could be exploited by attackers to compromise a
vulnerable system by tricking a user into visiting a specially crafted
web page.
The third flaw is due to an error when handling certain drag and drop
operations, which could be exploited by attackers to retrieve files
from the Temporary Internet Files (TIF) folder on a vulnerable system.
The fourth issue is due to an error when handling certain "OBJECT"
tags, which could be exploited by attackers to cause a vulnerable
application to disclose the path to the cached content in the TIF
folder.
Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 for Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
Solution
Apply patches :
http://www.microsoft.com/technet/security/Bulletin/MS06-072.mspx