«
Expand/Collapse
339 items tagged "internet explorer"
Related tags:
zero [+],
vupen [+],
technical [+],
security research [+],
research [+],
day [+],
cyber [+],
code execution [+],
xss [+],
memory [+],
exploitation techniques [+],
execution [+],
vulnerability [+],
overflow vulnerability [+],
denial of service [+],
cyber security alert [+],
service vulnerability [+],
poc [+],
mshtml [+],
image arrays [+],
zdi [+],
time element [+],
stack overflow [+],
protocol handler [+],
dos [+],
col [+],
windows microsoft [+],
vulnerabilities [+],
uninitialized [+],
table element [+],
spoof [+],
sanitizing [+],
proof of concept [+],
process [+],
ole [+],
office internet [+],
object tag [+],
null pointer [+],
msxml [+],
mode design [+],
microsoft developer tools [+],
mhtml [+],
memory access [+],
lync [+],
low [+],
integrity [+],
information stream [+],
iedvtool [+],
host integration server [+],
heap corruption [+],
heap [+],
exploit [+],
element [+],
critical vulnerability [+],
core [+],
cobjectelement [+],
clipboard object [+],
cache size [+],
bar [+],
avg [+],
memory corruption [+],
whitepaper [+],
txt [+],
spying [+],
shift jis [+],
security advisory [+],
secunia [+],
researchers [+],
read [+],
quot [+],
ms ie [+],
microsoft office document [+],
malicious software [+],
javascript onload [+],
internet browser [+],
free error [+],
firefox [+],
execcommand [+],
domain information [+],
document [+],
dll [+],
cross site scripting [+],
cookie file [+],
comparison [+],
ciframeelement [+],
bypassing [+],
bypass [+],
browser [+],
black hat [+],
analysis [+],
advisory [+],
accuvant [+],
access security [+],
ExploitsVulnerabilities [+],
security [+],
safer use [+],
zalewski [+],
year [+],
xml [+],
windows internet [+],
web [+],
warn [+],
vpn client [+],
virtual function [+],
uri handler [+],
targeted internet [+],
targeted [+],
table colspan [+],
suspected [+],
style object [+],
spam [+],
silent [+],
service [+],
script [+],
saved [+],
remote desktop [+],
rdesktop [+],
pwn [+],
protected [+],
property [+],
project [+],
pdf [+],
paul stone [+],
option element [+],
option [+],
onreadystatechange event [+],
multiple [+],
msiemshtml [+],
moaub [+],
microsoft posts [+],
microsoft internet explorer 6 [+],
michal zalewski [+],
michal [+],
juniper vpn [+],
information leak [+],
information disclosure [+],
information [+],
history information [+],
filter [+],
file [+],
explorer telnet [+],
explorer microsoft [+],
exec [+],
election issue [+],
elderwood [+],
drag and drop [+],
dom object [+],
dom modification [+],
dom editing [+],
dom [+],
denial [+],
dangling pointer [+],
cybercriminals [+],
core services [+],
col element [+],
client [+],
clickjacking [+],
click [+],
chinese hackers [+],
bugs microsoft [+],
boundelements [+],
becomes [+],
attackers [+],
arbitrary code execution [+],
application [+],
Fixes [+],
code [+],
internet [+],
microsoft [+],
explorer [+],
information disclosure vulnerability [+],
windows [+],
remote [+],
bugtraq [+],
zero day [+],
cve [+],
exploits [+],
x exploits,
wshom,
winhlp32,
winhlp,
windows secrets,
victima,
vbdevkit,
using internet,
use,
urlmon,
uri validation,
toolkit,
tabular data control,
tabular,
table layout,
srcelement,
set,
security team,
safari,
run,
reuse,
retired,
pressure,
phase,
payload,
paguina web,
own,
offline,
ocx,
ms10,
ms internet explorer 6,
ms internet,
mounts,
mitigation,
microsoft corp,
metasploit,
meta,
malicious code,
local,
jean michel picod,
iepeers,
ieceo,
idefense security advisory,
idefense,
google,
fortiguard,
explorer 6 0,
dynamic,
dpapi,
dos vulnerability,
crash,
cpp,
compromise,
com,
browser helper,
blogspot,
active x control,
active x,
acceso remoto,
Videos,
Pentesting,
General,
Discussion
-
-
16:00
»
SecuriTeam
Microsoft Internet Explorer prone to remote code execution vulnerability
-
-
16:00
»
SecuriTeam
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.
-
-
16:00
»
SecuriTeam
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.
-
-
16:00
»
SecuriTeam
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.
-
-
20:22
»
Packet Storm Security Advisories
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
20:22
»
Packet Storm Security Recent Files
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
20:22
»
Packet Storm Security Misc. Files
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
-
17:00
»
SecuriTeam
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.
-
-
15:38
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
-
15:38
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
-
15:38
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
-
15:22
»
Packet Storm Security Advisories
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
15:22
»
Packet Storm Security Recent Files
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
15:22
»
Packet Storm Security Misc. Files
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
-
17:27
»
Packet Storm Security Exploits
This Metasploit module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.
-
17:27
»
Packet Storm Security Recent Files
This Metasploit module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.
-
17:27
»
Packet Storm Security Misc. Files
This Metasploit module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.
-
-
10:38
»
Packet Storm Security Exploits
This Metasploit module exploits a type confusion vulnerability in the OLE32 component of Windows XP SP3. The vulnerability exists in the CPropertyStorage::ReadMultiple function. A Visio document with a specially crafted Summary Information Stream embedded allows to get remote code execution through Internet Explorer, on systems with Visio Viewer installed.
-
10:38
»
Packet Storm Security Recent Files
This Metasploit module exploits a type confusion vulnerability in the OLE32 component of Windows XP SP3. The vulnerability exists in the CPropertyStorage::ReadMultiple function. A Visio document with a specially crafted Summary Information Stream embedded allows to get remote code execution through Internet Explorer, on systems with Visio Viewer installed.
-
10:38
»
Packet Storm Security Misc. Files
This Metasploit module exploits a type confusion vulnerability in the OLE32 component of Windows XP SP3. The vulnerability exists in the CPropertyStorage::ReadMultiple function. A Visio document with a specially crafted Summary Information Stream embedded allows to get remote code execution through Internet Explorer, on systems with Visio Viewer installed.
-
-
18:33
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.
-
18:33
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.
-
18:33
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.
-
-
17:49
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
17:49
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
17:44
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
16:09
»
SecuriTeam
This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
15:34
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
14:44
»
Packet Storm Security Recent Files
Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.
-
14:44
»
Packet Storm Security Misc. Files
Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.
-
-
19:25
»
Packet Storm Security Advisories
Secunia Security Advisory - A weakness has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information.
-
-
18:19
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
19:10
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
19:10
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
19:10
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-284A - There are multiple vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer, Forefront Unified Access Gateway, and Host Integration Server. Microsoft has released updates to address these vulnerabilities.
-
-
16:59
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
16:59
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
9:06
»
Packet Storm Security Recent Files
Malicious software also known as "Malcode" or "Malware" can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This documents introduces this kind of threats by spying a widespread internet browser.
-
9:06
»
Packet Storm Security Misc. Files
Malicious software also known as "Malcode" or "Malware" can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This documents introduces this kind of threats by spying a widespread internet browser.
-
-
13:59
»
SecuriTeam
This vulnerability allows remote attackers to leak information on vulnerable installations of Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:31
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
21:31
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
21:31
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-221A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET Framework, and Microsoft Developer Tools. Microsoft has released updates to address these vulnerabilities.
-
21:19
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-249 - This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Internet Explorer. Internet Explorer Protected Mode consists of a Medium Integrity and a Low Integrity process. The Low Integrity process is only allowed to write to special Low Integrity locations. File written there are marked as Low Integrity files. When a new Internet Explorer process is launched it checks the Integrity of the file it is launched against. If the file is a Low Integrity file it will run the process in Low Integrity Mode. It is however possible to give the file an even lower permission: Untrusted, since this does not match the check for 'Low Integrity' the Internet Explorer will run in Medium Integrity instead of Low Integrity. This can be abused in an exploit to bypass the Protected Mode design and thus allow an attacker to escalate their privileges.
-
21:19
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-249 - This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Internet Explorer. Internet Explorer Protected Mode consists of a Medium Integrity and a Low Integrity process. The Low Integrity process is only allowed to write to special Low Integrity locations. File written there are marked as Low Integrity files. When a new Internet Explorer process is launched it checks the Integrity of the file it is launched against. If the file is a Low Integrity file it will run the process in Low Integrity Mode. It is however possible to give the file an even lower permission: Untrusted, since this does not match the check for 'Low Integrity' the Internet Explorer will run in Medium Integrity instead of Low Integrity. This can be abused in an exploit to bypass the Protected Mode design and thus allow an attacker to escalate their privileges.
-
21:19
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-249 - This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Internet Explorer. Internet Explorer Protected Mode consists of a Medium Integrity and a Low Integrity process. The Low Integrity process is only allowed to write to special Low Integrity locations. File written there are marked as Low Integrity files. When a new Internet Explorer process is launched it checks the Integrity of the file it is launched against. If the file is a Low Integrity file it will run the process in Low Integrity Mode. It is however possible to give the file an even lower permission: Untrusted, since this does not match the check for 'Low Integrity' the Internet Explorer will run in Medium Integrity instead of Low Integrity. This can be abused in an exploit to bypass the Protected Mode design and thus allow an attacker to escalate their privileges.
-
-
23:36
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks.
-
-
18:39
»
SecuriTeam
Microsoft Internet Explorer contains a vulnerability caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
18:34
»
SecuriTeam
Microsoft Internet Explorer contains a memory corruption vulnerability in Property Change.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
5:46
»
Packet Storm Security Exploits
This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed and attempts to call a function on it, leading to the use-after-free.
-
5:46
»
Packet Storm Security Recent Files
This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed and attempts to call a function on it, leading to the use-after-free.
-
5:46
»
Packet Storm Security Misc. Files
This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed and attempts to call a function on it, leading to the use-after-free.
-
-
19:49
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
15:30
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
15:30
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
15:30
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-102A - There are multiple vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Visual Studio. Microsoft has released updates to address these vulnerabilities.
-
-
16:45
»
SecuriTeam
Microsoft Internet Explorer contains a Vulnerability caused by use-after-free vulnerability when handling certain animation behaviours.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:20
»
SecuriTeam
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
17:35
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. This vulnerability was submitted to the ZDI via at the annual Pwn2Own competition at CanSecWest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the MSADO component. When handling the a user specified CacheSize property the process uses this value to calculate the 'real' cache size. This value is used without proper validation. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
17:35
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. This vulnerability was submitted to the ZDI via at the annual Pwn2Own competition at CanSecWest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the MSADO component. When handling the a user specified CacheSize property the process uses this value to calculate the 'real' cache size. This value is used without proper validation. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
17:35
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. This vulnerability was submitted to the ZDI via at the annual Pwn2Own competition at CanSecWest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the MSADO component. When handling the a user specified CacheSize property the process uses this value to calculate the 'real' cache size. This value is used without proper validation. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
-
10:56
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
10:51
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
22:01
»
Packet Storm Security Recent Files
Core Security Technologies Advisory - Microsoft Windows is prone to a memory corruption vulnerability when instantiating the 'HtmlDlgHelper Class Object' in a Microsoft Office Document (ie: .XLS, .DOC). The affected vulnerable module is part of Internet Explorer ('mshtmled.dll'). This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.
-
22:01
»
Packet Storm Security Exploits
Core Security Technologies Advisory - Microsoft Windows is prone to a memory corruption vulnerability when instantiating the 'HtmlDlgHelper Class Object' in a Microsoft Office Document (ie: .XLS, .DOC). The affected vulnerable module is part of Internet Explorer ('mshtmled.dll'). This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.
-
-
17:25
»
SecuriTeam
A critical vulnerability was discovered affecting Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:11
»
SecuriTeam
A critical vulnerability was discovered affecting Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:51
»
SecuriTeam
A critical vulnerability was discovered affecting Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:36
»
SecuriTeam
Multiple Denial of Service vulnerabilities were discovered in known Browsers.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
16:59
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
13:57
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:02
»
SecDocs
Authors:
Paul Stone Tags:
XSS CSRF clickjacking Event:
Black Hat EU 2010 Abstract: Clickjacking is a technique that can be used to trick users into performing unintended actions on a website by formatting a web page so that the victim clicks on concealed links, typically hidden within an IFRAME. However, in comparison to other browser-based attacks such as XSS (Cross-site Scripting) and CSRF (Cross-site Request Forgery), Clickjacking has hitherto been regarded as a limited attack technique in terms of consequences for the victim and the scenarios in which it can be used. During this talk I intend to demonstrate that this assumption is incorrect, and that today’s Clickjacking techniques can be extended to perform powerful new attacks that can affect any web application. This talk will cover the basics of Clickjacking, quickly moving on to more powerful, and newly developed, techniques. The presentation will explore further ways in which a user can be tricked into interacting with a victim site and how these can lead to attacks such as injecting data into an application (bypassing all current CSRF protections) and the extraction of data from websites without the user’s knowledge. The demo will show several cross-browser techniques, and newly released browser-specific vulnerabilities in Internet Explorer, Firefox and Safari/Chrome which can be used to take full control of a web application. I will also be demonstrating and releasing a new tool that allows for easy point-and-click creation of multi-step Clickjacking attacks on any web application, by visually selecting the links, buttons, fields and data to be targeted. The tool will highlight the need for improved Clickjacking defences in both browsers and web applications.
-
21:02
»
SecDocs
Authors:
Paul Stone Tags:
XSS CSRF clickjacking Event:
Black Hat EU 2010 Abstract: Clickjacking is a technique that can be used to trick users into performing unintended actions on a website by formatting a web page so that the victim clicks on concealed links, typically hidden within an IFRAME. However, in comparison to other browser-based attacks such as XSS (Cross-site Scripting) and CSRF (Cross-site Request Forgery), Clickjacking has hitherto been regarded as a limited attack technique in terms of consequences for the victim and the scenarios in which it can be used. During this talk I intend to demonstrate that this assumption is incorrect, and that today’s Clickjacking techniques can be extended to perform powerful new attacks that can affect any web application. This talk will cover the basics of Clickjacking, quickly moving on to more powerful, and newly developed, techniques. The presentation will explore further ways in which a user can be tricked into interacting with a victim site and how these can lead to attacks such as injecting data into an application (bypassing all current CSRF protections) and the extraction of data from websites without the user’s knowledge. The demo will show several cross-browser techniques, and newly released browser-specific vulnerabilities in Internet Explorer, Firefox and Safari/Chrome which can be used to take full control of a web application. I will also be demonstrating and releasing a new tool that allows for easy point-and-click creation of multi-step Clickjacking attacks on any web application, by visually selecting the links, buttons, fields and data to be targeted. The tool will highlight the need for improved Clickjacking defences in both browsers and web applications.