[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] applicable exploit for winxp-sp2-uptodate Internet Explorer
- To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx, NTBUGTRAQ@xxxxxxxxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] applicable exploit for winxp-sp2-uptodate Internet Explorer
- From: Liu Die Yu <liudieyu@xxxxxxxxxxxxx>
- Date: Tue, 11 Jan 2005 01:46:09 -0500
patch will come in hours(at least i believe so).
many people(paul of greyhats and mike, sandblad of secunia and
shreddersub7) already provided proof-of-concept remote-code-execution
exploit for winxp-sp2-uptodate Internet Explorer.
the problem is: their code is simply not applicable in real attack. so i
made this:
http://0daymon.org/monitor/injecthh-op-2/dir/injecthh_op_2-code_by_liudieyu
http://0daymon.org/monitor/injecthh-op-2/dir.zip
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html