PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

IE Exploit

From: dj_ed12 at hotmail.com (Ed Baunton)
Date: Tue, 16 Dec 2008 16:33:40 -0000
And I think this is it on metasploit
http://trac.metasploit.com/changeset/6012 
 
Just upgraded my install to include it and test on Vista IE7 and XP IE 6. 
 
Am about to try on XP IE 7

  _____  

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Chris Blazek
Sent: 16 December 2008 15:33
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] IE Exploit


Is this the same exploit, MS Internet Explorer
<http://www.milw0rm.org/exploits/7410> XML Parsing Buffer Overflow Exploit
(vista) 0day or variant of,  listed on milw0rm?

http://www.milw0rm.org/exploits/7410






2008/12/16 Arch Angel <arch3angel at gmail.com>


I just heard the Risky Business show a few minutes ago and the guest speaker
believed IE 8 to be vulnerable but Patrick said that as of yet (his words at
the time of the release) Vista fully patched could not be exploited in the
lab.  However that is considering a fully patched Vista as well so I am
leaning on the side of caution with this one, at least till we have more
details.

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com





-- 
http://www.kingbin.net/

#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj 
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081216/ad8724f0/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: