Full Disclosure mailing list archives
Re: MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild?
From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Jan 2008 11:07:55 -0500
On Tue, 15 Jan 2008 15:36:22 +0100, Alla Bezroutchko said:
Microsoft security bulletin says: "When the security bulletin was released, Microsoft had received information that this vulnerability was being exploited." However I haven't found any references to an exploit in the wild. Checked a few anti-virus databases, but nothing there either.
Note that the mentioned exploit may not show up in an anti-virus database because it's not in anything that the A/V actually checks (think about why you rarely see browser exploits in an A/V database - what the A/V lists is the stuff dumped on the end user's box after the exploit gets things started). I'd look for things like bleeding-edge Snort signatures and the like.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild? Alla Bezroutchko (Jan 15)
- Re: MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild? Valdis . Kletnieks (Jan 15)