By combining the Microsoft Internet Explorer cache file disclosure vulnerability with several other unpatched vulnerabilities, a malicious INTERNET page can reach the MYCOMPUTER zone. Link to two demonstrations included.
cc43c3bb8c3472af6421059b2f7d473dcbcc23680fa944324c5fc42c247a1411Microsoft Internet Explorer v6.SP1 and below has a vulnerable download function that can be exploited by a malicious attacker to gain access to a user's cache directory. Link to two demonstrations included.
dcaee30b8ef3a1cceeae51d751d897cc6278c21e1025eac9cf682ea1ae4fd7abA cross-zone scripting vulnerability has been found in Internet Explorer. If a web page contains some sub-frame, its security zone may be compromised. Link to a demonstration included.
a7c936db9ccb610dafbe96908b866aeba03e8da8fc499b043cc313c4e16d79efAfter applying the patch for MS03-048, Windows is still susceptible to the Hijack Click attack when performed in conjunction with the method caching attack which can make the window.move accessible again. Link to a demonstration included.
a06ff9d109e90948b1621c8cc5f4399cd3f2acd4266b9a925067a1f7cac1a306
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed