republican-creole
Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Internet Explorer Data Binding Memory Corruption Vuln
Search Topic:
Uniqs:
337		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Looking for TSP Codec? careful! »
« New Facebook.com bug?  
AuthorAll Replies


agnutam

@blutmagie.de

Internet Explorer Data Binding Memory Corruption Vuln

A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a use-after-free error when composed HTML elements are bound to the same data source. This can be exploited to dereference freed memory via a specially crafted HTML document.

Successful exploitation allows execution of arbitrary code.

NOTE: Reportedly, the vulnerability is currently being actively exploited.

The vulnerability is confirmed in Internet Explorer 7 on a fully patched Windows XP SP3 and in Internet Explorer 6 on a fully patched Windows XP SP2. Other versions may also be affected.

Solution:
Do not browse untrusted websites or follow untrusted links.

Provided and/or discovered by:
Reported as a 0-day.

»secunia.com/advisories/33089/

Best to stick to open source browsers. Reap it, bitches.
to forum · permalink · 2008-12-11 12:43:25 · Reply to this


tempnexus
Premium
join:1999-08-11
Boston, MA
1 edit		»Mozilla to pull antiphishing feature from Firefox 2

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Kind of makes this issue look like Pluto eh?
to forum · permalink · · 2008-12-11 19:46:54 · Reply to this


Kayrac
Premium
join:2001-09-29
Rochester, NH

reply to agnutam
certain os's are less vulnerable

vista sp1 being one, windows server, being 2

»www.microsoft.com/technet/securi···051.mspx

that being said, repost

»Microsoft Security Advisory (961051)

open source != safety, no point releasing a 0day for a browser 6 people use
to forum · permalink · · 2008-12-11 19:50:42 · Reply to this
-
Forums » Up and Running » Security » SecurityLooking for TSP Codec? careful! »
« New Facebook.com bug?  

Tuesday, 08-Dec 21:56:15 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [193] Sprint Sued For Distracted Driving Death
· [81] 3G Network Test Says AT&T Is Tops
· [72] Mediacom Unveils 105 Mbps Pricing
· [61] Sprint Poised For A Turnaround?
· [50] The Future Of Wi-Fi Is Bright
· [47] Site Leaks Yahoo, Verizon Fed Data Share Pricing
· [47] WPA Cracker: Test WPA-PSK Networks In 20 Minutes
· [44] Microwaving Your Innards Is Not 'Extreme'
· [39] Verizon LTE: 5-12 Mbps Downstream
· [18] Verizon Settles With NJ Over Misleading FiOS Marketing
Most people now reading
· Comcast refused to install 400' feet. [Comcast HSI]
· Windows 7 boot manager editing questions [Microsoft Help]
· Servers UP!!! [World of Warcraft]
· Man Downloads Child Porn "Accidentally," Faces 20 Years [Security]
· ICC Strats??? [World of Warcraft]
· IMG 1.7 (IMG Updates and Discussion) [Verizon FIOS TV]
· Comcast Customers: Would You Prefer Metered Billing? [Comcast HSI]
· CRTC Response to ME: You will be Band F FOREVER!!! [TekSavvy]
· Holmes on Homes and HGTV in General [Home Repair & Improvement]