CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048

• Previous message: Martin Blackstone: "Re: Exchange 2003 OWA major security flaw"
• Next in thread: Jakob Balle: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Reply: Jakob Balle: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Reply: Nick FitzGerald: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Maybe reply: Russ: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Wed, 26 Nov 2003 13:24:00 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

There is an EXPLOIT available 11/25/03 using a combination of seven new flaws discovered by Liu Die Yu which allows a properly crafted web site to download and execute arbitrary code without user intervention using Internet Explorer on a fully patched machine. I tried it myself after it was reported by Dan Drumm in our Telecom dept. and we're currently discussing the necessity of turning off Active Scripting.
Danny Kusnierz
Technical Services
Ball Corporation

Secunia Advisory:
http://www.secunia.com/advisories/9711

Demo Exploit Code (downloads and runs .exe of fire burning on computer screen without user intervention):
<http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Demo/index.html>

----
NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
code "NT1003" when registering to take the TICSA exam at www.2test.com.
Prove to your employer and peers that you have the knowledge and
abilities to be an active stakeholder in today's enterprise security.
Become TICSA certified www.trusecure.com/ticsa.  Promotion expires
12/31/03 and cannot be used in combination with other offers.
----

• Previous message: Martin Blackstone: "Re: Exchange 2003 OWA major security flaw"
• Next in thread: Jakob Balle: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Reply: Jakob Balle: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Reply: Nick FitzGerald: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Maybe reply: Russ: "Re: CRITICAL??? - Seven New Flaws in Internet Explorer not addressed by MS03-040 or MS03-048"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: IE URL obfuscation - Detecting at Exchange Servers ... Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor ... NTBugtraq subscribers save $103.00 off the TICSA exam by using promo ... code "NT1003" when registering to take the TICSA exam at www.2test.com. ... (NT-Bugtraq) Giving IE the boot? ... www.mozilla.org check them out, IE and Netscape are not the only options out there folks. ... Jeff Thomas ... NTBugtraq subscribers save $103.00 off the TICSA exam by using promo code "NT1003" when registering to take the TICSA exam at www.2test.com. ... (NT-Bugtraq) Re: More on IE URL obfuscation ... FWIW, the %01 in the URL doesn't seem to work on IE on Mac OSX. ... NTBugtraq subscribers save $103.00 off the TICSA exam by using promo ... code "NT1003" when registering to take the TICSA exam at www.2test.com. ... (NT-Bugtraq) Re: Microsoft Security Bulletin MS03-049 - Installation problems? ... NTBugtraq subscribers save $103.00 off the TICSA exam by using promo ... code "NT1003" when registering to take the TICSA exam at www.2test.com. ... Promotion expires ... (NT-Bugtraq)