Microsoft IE MSHTML.DLL IMG SRC Tag Information Disclosure
Remote / Network Access
Loss of Confidentiality
Microsoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious HTML file contains an IMG SRC tag that doesn't point to an image file. The document object model of Internet Explorer can then be exploited to reveil information not otherwise available leading to a loss of confidentiality.
Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. Microsoft has also released a patch to address this issue.