[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
- Subject: Re: [Full-disclosure] Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
- From: Stelian Ene <stelian.ene@xxxxxxxxxxxxx>
- Date: Wed, 22 Mar 2006 19:14:07 +0200
Computer Terrorism (UK) :: Incident Response Centre wrote:
> Pursuant to the publication of the aforementioned bug/vulnerability,
> this document serves as a preliminary Security Advisory for users of
> Microsoft Internet Explorer version 6 and 7 Beta 2.
> Successful exploitation will allow a remote attacker to execute
> arbitrary code against a fully patched Windows XP system, yielding
> system access with privileges of the underlying user.
So this is indeed a n-day vulnerability, with n a small positive integer.
I must stress that I'm not the original author, and that I've seen this bug
discussed in public forums as early as 19.03.2006. If exploitation is as easy as
you claim, then probably the bad guys are already actively using this, just like
they did with WMF.
Oldest POC I've found, by 'shog9' (Joshua Heyer):
http://www.shog9.com/crashIE.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/