Full Disclosure mailing list archives
Re: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
From: Stelian Ene <stelian.ene () gecadtech com>
Date: Wed, 22 Mar 2006 19:14:07 +0200
Computer Terrorism (UK) :: Incident Response Centre wrote:
Pursuant to the publication of the aforementioned bug/vulnerability, this document serves as a preliminary Security Advisory for users of Microsoft Internet Explorer version 6 and 7 Beta 2. Successful exploitation will allow a remote attacker to execute arbitrary code against a fully patched Windows XP system, yielding system access with privileges of the underlying user.
So this is indeed a n-day vulnerability, with n a small positive integer. I must stress that I'm not the original author, and that I've seen this bug discussed in public forums as early as 19.03.2006. If exploitation is as easy as you claim, then probably the bad guys are already actively using this, just like they did with WMF. Oldest POC I've found, by 'shog9' (Joshua Heyer): http://www.shog9.com/crashIE.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution Computer Terrorism (UK) :: Incident Response Centre (Mar 22)
- Re: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution Stelian Ene (Mar 22)
- Re: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution ad () heapoverflow com (Mar 22)
- Re: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution Stelian Ene (Mar 22)