Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))

From: Menashe Eliezer (menashe_at_finjan.com)
Date: 11/08/04

Next message: Conectiva Updates: "[CLA-2004:888] Conectiva Security Announcement - libtiff3"

Previous message: Martin Schulze: "[SECURITY] [DSA 586-1] New ruby packages fix denial of service"
Maybe in reply to: morning_wood: "Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 8 Nov 2004 04:34:00 -0000
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is) In-Reply-To: <BAY10-DAV29UqLpHkat00000751@hotmail.com>

The published exploit is working also with the <EMBED> tag, and not just with the <IFRAME> and the <FRAME> tags.
Finjan's advisory can be found at: http://www.finjan.com/SecurityLab/AttackandExploitReports/alert_show.asp?attack_release_id=114

==
Regards,
Menashe Eliezer
Senior application security architect
Malicious Code Research Center
Finjan Software
http://www.finjan.com/mcrc

Prevention is the best cure!

Next message: Conectiva Updates: "[CLA-2004:888] Conectiva Security Announcement - libtiff3"

Previous message: Martin Schulze: "[SECURITY] [DSA 586-1] New ruby packages fix denial of service"
Maybe in reply to: morning_wood: "Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]