begin risky.vbs
<1tic4v676amwh.dlg@xxxxxxxxxxxxxxx>,
Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> writes:
> On Sat, 07 Oct 2006 11:20:55 +0100, Roy Schestowitz wrote:
>
>> Another zero day... Setslice is in the wild
>>
>> ,----[ Quote ]
>>| Busy past few weeks... first the VML exploit (now patched by
>>| Microsoft), then the daxtcle.ocx exploit (not patched yet), and
>>| then last night, our friend Roger Thompson reported seeing another
>>| exploit, commonly referred to as "setslice" [since it uses the
>>| setslice() method to exploit] in the wild.
>> `----
>>
>> http://hackersblog.itproportal.com/?p=352
>
> I dunno, I went to the test page, and clicked the button, and it
> didn't crash my browser. I'm running IE7 RC1. The only thing that
> happened was it asked me to run an unsafe ActiveX control, which I
> didn't do.
http://secunia.com/advisories/22159/
Successful exploitation allows execution of arbitrary code.
NOTE: Exploit code is publicly available.
The vulnerability is confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions
may also be affected.
--
Security is one of those funny things. You can talk about being "more"
secure, but there's no such thing. A vulnerability is a vulnerability, and
even one makes you just as insecure as anyone else. Security is a binary
condition, either you are or you aren't. - Funkenbusch 1 Oct 2006