Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MS05-005 and MS05-009 - New POC Exploits


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:08:20 PM

Posted 10 February 2005 - 06:42 AM

"Day One" Exploits have been published for MS05-005 and MS05-009

PoC's available for MS05-005 and MS05-009
http://isc.sans.org//diary.php?date=2005-02-09

Proof of concept code has been released for the MS05-005 (Microsoft Office URL handling) and MS05-009 (Multiple PNG file decode problems) issues. Both of these are on the critical patch list, and we expect to see malware utilizing either of these attacks in the near future. The portion of MS05-009 that relates to MSN Messenger; the CAN-2004-0597 libpng vulnerability, is especially serious, as CORE Security has determined that this attack may be possible to execute in a completely undetected manner to the end user with little to no user interaction, depending on MSN client settings.

BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users