Dailydave mailing list archives
Re: IE attack...
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 26 Mar 2006 02:39:02 +0200 (EET)
This code listing appeared to many sites in hours (on Thursday), maybe the readers of mailing lists just didn't sent a note to the lists. Many security companies updated their advisories to include information about existing code.
Regards, Juha-Matti
On 3/25/06, Dave Aitel <dave () immunityinc com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > So this is the IE attack various sites are owning people with...I > stumbled on it while browsing random things. It's been a pretty bad > week for IE this week. Of course, it's been a pretty bad year for IE. > Been a pretty bad time all around for IE. Motto: "Giving Host > Intrusion Prevention vendors case study after case study." > > I don't know why the other lists aren't posting this. Maybe there was > a memo that went around where you try to keep people from knowing what > they're actually at risk from. > > - -dave Ya this was released on Thursday by Unl0ck Research Team, removed comment section below. <!--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
/\ \/ Internet Explorer Remote Code Execution Exploit v 0.1 /\ by Darkeagle of Unl0ck Research Team \/ /\ used SkyLined idea of exploitation. special tnx goes to him. \/ Affected Software : Microsoft Internet Explorer 6.x, IE7 Beta 2 Severity : Critical Impact : Remote System Access Solution Status : ** UNPATCHED ** Discovered by : Computer Terrorism (UK) Advisory Date : 22nd March, 2006 Tested : WinXP SP2 RUS IE 6.0 (full patched) Vulnerability details:
---clip---
Current thread:
- IE attack... Dave Aitel (Mar 25)
- RE: IE attack... Anthony Aykut (Mar 25)
- Re: IE attack... Alexander Sotirov (Mar 25)
- Re: IE attack... David Barroso (Mar 25)
- Re: IE attack... str0ke (Mar 25)
- <Possible follow-ups>
- Re: IE attack... Juha-Matti Laurio (Mar 25)