Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Fw: What is your take on the recent IE Problems

From: "Rob McShinsky" <Rob () McShinsky com>
Date: Mon, 1 Dec 2003 11:35:52 -0500


 What do  you think are the real realworld possibilities of a problem?

 (1) HIGH: Microsoft Internet Explorer Multiple Vulnerabilities

 Affected Products:

 Internet Explorer 6.0

 Possibly Internet Explorer versions 5.01 and 5.5

 Description:

 Multiple new vulnerabilities have been reported in Internet Explorer which
 can be exploited in tandem by a malicious website to execute arbitrary code
 and/or access sensitive information on a system running a fully patched
 browser (with the latest MS03-048 patch installed).

 Technical details and proof-of-concept exploits have been posted.

 Status: Vendor has not confirmed, no patch is available.

 Council Site Actions:

 Due to the late-breaking nature of this problem, we were unable to solicit
 input from the council sites.

 References:

 Postings by Liu Die Yu (discovered the vulnerabilities)
 http://archives.neohapsis.com/archives/fulldisclosure/2003-q4/2906.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0309.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0302.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0308.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0307.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0305.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0303.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0298.html

 http://archives.neohapsis.com/archives/bugtraq/2003-11/0297.html

 Secunia Advisory

 http://www.secunia.com/advisories/10289/




---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: