Exploit for unpatched IE vuln fuels hacker fears
|
Aug. 19, 2005, 08:59 PM
Post: #1
|
|||
|
|||
Exploit for unpatched IE vuln fuels hacker fears
http://securityfocus.com/news/11289
A filter for this exploit has been included in v4.37 of my Browser Security Pack. If you would like a standalone filter, here it is Code: [Patterns] |
|||
Aug. 19, 2005, 09:17 PM
Post: #2
|
|||
|
|||
Thanks, i'll also add it to my ClassIDs list.
Did you come across a testcase? sidki |
|||
Aug. 19, 2005, 09:38 PM
Post: #3
|
|||
|
|||
http://isc.sans.org/diary.php?date=2005-08-18
Look in the section: "How do I recognize a web page which contains exploit code?" Their example is incorrect. Here is a correct example: Code: [object classid="clsid:EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F"][/object] (change the square brackets to pointy brackets) Their example is missing the "clsid:" portion. Here is a proper PoC: http://www.securitytracker.com/alerts/20...14727.html |
|||
Aug. 20, 2005, 09:35 AM
Post: #4
|
|||
|
|||
The Perl script from your last link worked fine! The compiled page also grabs a huge amount of memory in my browsers btw.
Anyway, for those using the ClassIDs list, here is the new entry for its "Exploits" section: Code: # http://www.securitytracker.com/alerts/2005/Aug/1014727.html sidki |
|||
« Next Oldest | Next Newest »
|