PaulDotCom mailing list archives
IE Exploit
From: brian.seel at gmail.com (Brian Seel)
Date: Tue, 16 Dec 2008 09:51:26 -0800
Looks like this is already hitting the forward monkeys. I just got a vauge message forwarded from my mom and aunt about the fact that there was a vulnerability in IE (and it had a nice little note at the end that firefox wasnt vulnerable). Heh. 2008/12/16 Ed Baunton <dj_ed12 at hotmail.com>
And I think this is it on metasploit http://trac.metasploitcom/changeset/6012<http://trac.metasploit.com/changeset/6012> Just upgraded my install to include it and test on Vista IE7 and XP IE 6. Am about to try on XP IE 7 ------------------------------ *From:* pauldotcom-bounces at mail.pauldotcom.com [mailto: pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of *Chris Blazek *Sent:* 16 December 2008 15:33 *To:* PaulDotCom Security Weekly Mailing List *Subject:* Re: [Pauldotcom] IE Exploit Is this the same exploit, MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day <http://www.milw0rm.org/exploits/7410> or variant of, listed on milw0rm? http://www.milw0rm.org/exploits/7410 2008/12/16 Arch Angel <arch3angel at gmail.com>I just heard the Risky Business show a few minutes ago and the guest speaker believed IE 8 to be vulnerable but Patrick said that as of yet (his words at the time of the release) Vista fully patched could not be exploited in the lab. However that is considering a fully patched Vista as well so I am leaning on the side of caution with this one, at least till we have more details. _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcomcom <Pauldotcom at mail.pauldotcom.com> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- http://www.kingbin.net/ #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081216/09e27ce2/attachment.htm
Current thread:
- IE Exploit, (continued)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit Jack Daniel (Dec 16)
- IE Exploit Jack Daniel (Dec 16)
- IE Exploit Karl Schuttler (Dec 16)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit byte.bucket at 4a44.com (Dec 16)
- IE Exploit Arch Angel (Dec 16)
- IE Exploit xgermx (Dec 16)
- IE Exploit Chris Blazek (Dec 16)
- IE Exploit Ed Baunton (Dec 16)
- IE Exploit Brian Seel (Dec 16)
- Message not available
- IE Exploit Tim Krabec (Dec 16)