lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <BAY17-F140D2CBB291BDAD3AF5BD3876E0@phx.gbl>
From: lise_moorveld at hotmail.com (Lise Moorveld)
Subject: Sandblad's IE vulnerabilities

Hi there,

Did you guys spot this? Three vulnerabilities in IE that lead to remote code 
execution when combined. Discovered by Andreas Sandblad, apparently fixed by 
the latest cumulative IE patch (MS05-014), but not confirmed by MS.

http://secunia.com/secunia_research/2004-8/advisory/

I do miss his personal advisories, with the cute ascii-figure in his .sig:
      _     _
    o' \,=./ `o
       (o o)
---ooO--(_)--Ooo---   (c) Sandblad

But above all, I miss the detailed description... the patches are out, I 
should hope everybody installed them by now, so where is the meat?

What do you guys make from it?

For example:
"A parsing error in the "codebase" attribut of the "object" tag.
This can be exploited to execute local files with any file extension
from the "Local Computer Zone" by appending "?.exe"."

Would this be limited to binary files, or would one be able to parse an HTML 
file containing some malicious javascript with this vulnerability? Perhaps 
its related to the codebase vulnerabilities reported some time ago...

http://archives.neohapsis.com/archives/bugtraq/2003-05/0059.html

Bye,

Lise

_________________________________________________________________
MSN Search, for accurate results! http://search.msn.nl

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ