iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Internet Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not appear to be affected.
02c288bac610a30750b24e5ac7d76b96ca73822fa4f83a51387d4eb8f92e1474Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90fThe Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or is deleted, aka "Time Element Memory Corruption Vulnerability." This is an exploit for the vulnerability noted in MS11-050.
ce6d03f8afb8da5e9fab7773161352eac8d3bfb7b25bc19d2aa5c97279ad7812Secunia Security Advisory - Four vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
70502b5fe87c4f29098d2c8751c89e58a22209d9389244c268fa0039fb22f885This Metasploit module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.
aaf1f1bff58af8d0e890f965766d5618a2de8a76a4a4edc1da853071f2054364Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.
0663e2de1f39f4495717f0290d861ffdd11a1fe7f2edc6deba2d85db93bac5bdThe *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint and Lync is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS that will overcome * toStaticHTML*'s security logic; therefore, after passing the specially crafted CSS string through the *toStaticHTML* function, it will contain an expression that triggers a JavaScript call.
250fdc51b42fbad45e46c18cf75919ff7aaf7e27a4da2764383c71b6233a3cdbSecunia Security Advisory - Two vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
84a1fa669cf6796af94a2b5ad3cc111d784d806346758adec23e5e5813a65f56Secunia Security Advisory - NGS Secure has reported a vulnerability in the Graph Explorer component for Nagios XI, which can be exploited by malicious people to compromise a vulnerable system.
70e8658f900010652d1c9da0f93f05d34f46f45329aab9b9eb20bfa9eb4f5bc2There is a file handling denial of service in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to 2.8.0. A file in the fit format with a malformed 'XTENSION' header will cause a crash in the GIMP program. The flaw is triggered by opening a crafted 'fit' file or allowing the file explorer dialog to preview the file. Proof of concept included.
0341418c409c2905c278b5539d3f0236be8f96cdfce5f9140782b205443ab209Technical Cyber Security Alert 2012-174A - Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet Explorer and Microsoft Office can be used as attack vectors.
0c812057868f3aa30c32aad25076f9d58f948634874ad313df23ae18d0447418VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a heap overflow error in the mshtml.dll module when processing "Col" elements, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
58b473d4348bb610fc06c374fb2c748a08cf5103cd4a273b9e7f79bc45b2b21eVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing GetAtomTable objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
8e4efee72018e74d74bd0e481367967504569eb75b76d4050a7fef60ffc11887VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing CollectionCache objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
e3d29879255e1ff2003388a8d7447ab0c086cfdc1cb25b9bc5b4605cfe1e6951This Metasploit module exploits a memory corruption flaw in Internet Explorer 8 when handling objects with the same ID property. At the moment this module targets IE8 over Windows XP SP3 through the heap massaging plus heap spray as exploited in the wild.
20f72fec96a5590b5bee38dc7ead6c6f34987bffcedca8f42c8054df4bedc309Code Audit Labs has discovered that Microsoft Internet Explorer versions 8 and 9 suffer from a use-after-free vulnerability in the developer toolbar.
f7298e95d2549588ea1cd82324a1caedfe0a90734ffc624026081336553170f8Code Audit Labs has discovered a remote code execution vulnerability in Microsoft Internet Explorer 8 due to a use-after-free issue having to do with property ids.
d90822cc1fdf82eaf50e354edf2ba9269a59ae2ff8196eb2ba50bfbd36cfe29bZero Day Initiative Advisory 12-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles dynamically changed colspans on a column in a table with the table-layout:fixed style. If the colspan is increased after initial creation it will result in a heap overflow. This can lead to remote code execution under the context of the current program.
8f092c9a13be63d1f680705e9f626e08f3dffdf52fc8e721397a923db23101f6Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and compromise a user's system.
88dffe2d8b0c345ca1976d0ac3df021926a27395c6886d334d5adbd44fa21c15This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. This Metasploit module achieves DEP and ASLR bypass using the well known msvcr71.dll rop chain. The dll is installed by default with the Embarcadero software, and loaded by the targeted ActiveX.
9ea26d2b6cb47fda41b9580e28eab68d2c736833da3e4ee9317fb28219b79c3fThis Metasploit module exploits a type confusion vulnerability in the OLE32 component of Windows XP SP3. The vulnerability exists in the CPropertyStorage::ReadMultiple function. A Visio document with a specially crafted Summary Information Stream embedded allows to get remote code execution through Internet Explorer, on systems with Visio Viewer installed.
38a04eb9235c0ff6ef85f3b9bba40470be0f95a7efe95b58a475e3f84a0afc55Secunia Security Advisory - Walied Assar has discovered a vulnerability in PE Explorer, which can be exploited by malicious people to compromise a user's system.
174fa397300ee5bbd89015e6a7bcbb811b6060fcf69db1ba4168906c9f4a8c86PE Explorer version 1.99 R56 suffers from a heap overflow vulnerability.
e9a723129f4d42d273ad75b79f4e8dcd1f39ea59001536f77e5ecd4034db95ceVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
b26b14f8e0513c5015cfa528b828f45892990e4d864673868941be4f05ba2bf9Radiography is a forensic tool which grabs as much information as possible from a Windows system. It checks registry keys related to start up processes, registry keys with Internet Explorer settings, host file contents, taskScheduler tasks, loaded system drivers, uses WinUnhide to catch hidden processes, and does much more.
be7394b4ce9a474ce4d3c0d3ddd25f7e3f4940ae86f346304bfb881bc6e41ad4Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.
2151cce31ecc67c5f890478458d9f102d21fc5c5acf8bed6a032535dcfa65a58
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed