Bugtraq mailing list archives
IE HHCTRL exploit still usable even after patch
From: Valentin Avram <vavram () gecadnet ro>
Date: Tue, 18 Jan 2005 18:53:37 +0200
Hi everybody.Just wanted to point out that the patch Microsoft released to take care of the HHCTRL.OCX vulnerability (MS05-001) is fixing just part of the problem.
At least Windows XP Service Pack 1 and Windows 2000 Service Pack 4 are still vulnerable to exploiting the HHCTRL vulnerability, by using another IE bug not patched yet. I have successfully used the HHCTRL exploit on an WinXP SP1 and Win2k SP4 uptodate today (Jan18-2005).
I won't release any technical information for now, i believe that most of you already know this.
Service Pack 2 doesn't seem to allow this bypass i used. If anyone knows of a way to bypass SP2 and still exploit the HHCTRL way, please let me know, we'd like to let people know to be careful (even if they have SP2).
Thank you all for your time. -- Valentin AVRAM IT Security Engineer GeCAD NET Phone: +40-21-321.78.03 E-mail: vavram () gecadnet ro Web: www.gecadnet.ro
Current thread:
- applicable exploit for winxp-sp2-uptodate Internet Explorer Liu Die Yu (Jan 11)
- IE HHCTRL exploit still usable even after patch Valentin Avram (Jan 19)