PaulDotCom mailing list archives
IE Exploit
From: chris.blazek at gmail.com (Chris Blazek)
Date: Tue, 16 Dec 2008 09:32:31 -0600
Is this the same exploit, MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day <http://www.milw0rm.org/exploits/7410> or variant of, listed on milw0rm? http://www.milw0rm.org/exploits/7410 2008/12/16 Arch Angel <arch3angel at gmail.com>
I just heard the Risky Business show a few minutes ago and the guest speaker believed IE 8 to be vulnerable but Patrick said that as of yet (his words at the time of the release) Vista fully patched could not be exploited in the lab. However that is considering a fully patched Vista as well so I am leaning on the side of caution with this one, at least till we have more details. _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- http://www.kingbin.net/ #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081216/c4f9c1d1/attachment.htm
Current thread:
- Shell host, (continued)
- Shell host Mad Marv (Dec 15)
- Shell host Frank Mileto (Dec 15)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit Jack Daniel (Dec 16)
- IE Exploit Jack Daniel (Dec 16)
- IE Exploit Karl Schuttler (Dec 16)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit byte.bucket at 4a44.com (Dec 16)
- IE Exploit Arch Angel (Dec 16)
- IE Exploit xgermx (Dec 16)
- IE Exploit Chris Blazek (Dec 16)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit Brian Seel (Dec 16)
- Message not available
- IE Exploit Tim Krabec (Dec 16)