Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


New 0-day Exploit In The Wild

  • Please log in to reply
No replies to this topic

#1 Daisuke


    Cleaner on Duty

  • Members
  • 5,575 posts
  • Gender:Male
  • Location:Romania
  • Local time:05:01 PM

Posted 17 March 2006 - 05:49 PM

Remote overflow in MSIE script action handlers (mshtml.dll)

There is a new and unpatched vulnerability with exploit code in the wild that affects the latest version of IE. The exploit works by including an abnormally large (a couple thousand) number of script actions inside a single HTML tag. This will cause a memory array to write out of bounds and cause an immediate or eventual browser crash. Both McAfee and Symantec have released signatures to detect this exploit. While this is only a DoS vulnerability at the moment, there is ongoing attempts to try to use this as a vector for remote code execution.

New IE 0-Day Exploit in the Wild - SANS
Everyday is virus day. Do you know where your recovery CDs are ?
Did you create them yet ?

Posted Image

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users