funsec mailing list archives
Re: MS 0day
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 7 Nov 2006 18:47:25 +0200 (EET)
Dude VanWinkle <dudevanwinkle () gmail com> wrote:
On 11/7/06, Roger Thompson <rthompson () explabs com> wrote:
> At 09:06 AM 11/7/2006, Dude VanWinkle wrote:
> >http://secunia.com/advisories/22687/
> >http://www.microsoft.com/technet/security/advisory/927892.mspx
> >Microsoft is investigating public reports of a vulnerability in the
> >XMLHTTP 4.0 ActiveX Control, part of Microsoft XML Core Services 4.0
> >on Windows. We are aware of limited attacks that are attempting to use
> >the reported vulnerability.
> >
> >Customers who are running Windows Server 2003 and Windows Server 2003
> >Service Pack 1 in their default configurations, with the Enhanced
> >Security Configuration turned on, are not affected. Customers would
> >need to visit an attacker's Web site to be at risk. We will continue
> >to investigate these public reports.
> >
> >------------------
> >
> >I can't tell if this is related to the ie_createobject vuln or not..
>
> No... they're different.

Do you know of a link to detailed info about this vuln? Does anyone
have an example of the exploit circulating?

-JP

This CERT advisory describes the vulnerability:
http://www.kb.cert.org/vuls/id/585137
including several references.

The existence of 0-day was covered via this
http://linuxbox.org/pipermail/funsec/2006-November/010217.html
on Saturday already ;-)

- Juha-Matti

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.