skip to main | skip to sidebar

Muts' Blog

Wednesday, December 10, 2008

MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit

Just downloaded it from:
http://milw0rm.com/exploits/7403
Played around with it, got code exec in Vista SP1:
http://www.offensive-security.com/0day/iesploit-vista.rar




Updated my Vista Box:



After fully patching my box, the exploit was still working, giving full code exec. Yikes.
Posted by muts at 2:15 PM
Newer Post Older Post Home

Blog Archive

  • ►  2009 (4)
    • ►  May (1)
    • ►  March (1)
    • ►  January (2)
  • ▼  2008 (3)
    • ▼  December (1)
      • MS Internet Explorer XML Parsing Remote Buffer Ove...
    • ►  July (1)
    • ►  June (1)
  • ►  2007 (6)
    • ►  December (2)
    • ►  September (1)
    • ►  April (2)
    • ►  February (1)
  • ►  2006 (6)
    • ►  October (2)
    • ►  September (1)
    • ►  May (3)

Videos

  • BackTrack 3 Teaser
  • WEP Fragmentation Attack
  • Cursed Animations

Exploits

  • MS IE XML 0day
  • DivX 6.6 SRT SEH overwrite
  • HP OpenView NNM 7.5.1
  • IBM Tivoli Storage Manager
  • IBM Tivoli Provisioning Manager
  • Microsoft HLP File heap Overflow
  • Multiple Word 2007 Vulnerabilities
  • Mcafee EPO / Protection Pilot
  • IBM Lotus Domino IMAP Pre Auth
  • Eudora Quallcom IMAP Pre Auth
  • HP OpenView NNM 7.5.1

Articles

  • McAfee ePo Buffer overflow
  • GlobalScape Buffer Overflow
  • Having Fun with Cisco Routers