Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer - New Poc Zero Day Exploit


  • This topic is locked This topic is locked
1 reply to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:01:34 AM

Posted 21 November 2005 - 11:46 AM

A critical vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a memory corruption error when processing malformed HTML pages containing specially crafted calls to the JavaScript "window()" object and the "body onload" tag, which could be exploited remote attackers to take complete control of an affected system by convincing a user to visit a malicious Web page.

This vulnerability has been confirmed on Windows XP SP2 with Internet Explorer 6 (fully patched).


Secunia shares this Solution: Disable Active Scripting except for trusted sites.

A new proof-of-concept (POC) exploit has been published for a critical unpatched IE vulernability. Please be careful of any websites you visit and so far there are no reports of the POC being found in the wild.

New Zero Day Internet Explorer Remote Code Execution Exploit
http://www.frsirt.com/english/advisories/2005/2509
http://www.frsirt.com/exploits/20051121.IEWindow0day.php
http://secunia.com/advisories/15546/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1790

Edited by harrywaldron, 21 November 2005 - 02:05 PM.


BC AdBot (Login to Remove)

 


#2 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:01:34 AM

Posted 21 November 2005 - 08:07 PM

Posted Image

Hopefully, this escalation in status is to promote security awareness, rather than a new in-the-wild threat.

Internet Storm Center moves to Code Yellow Status on Zero Day IE exploit

Prevention techniques include: using IE for trusted sites, using alternative browsers, and in IE to disable Active Scripting except for trusted sites.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users