As reported on full-disclosure, MS Internet Explorer is vulnerable to a race condition. The PoC is a Denial of Service, it causes IE 6 to stop responding when tested, other versions are also likely vulnerable. Likely more to report on this flaw in the AM. The author reports that it is possible this issue could lead to remote compromise.
Update: CVE will be CVE-2007-0099 Cheers, Adrien de Beaupre I will be teaching next: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques - SANS Pen Test & Offensive Training 2021 |
Adrien de Beaupre 353 Posts ISC Handler Jan 9th 2007 |
Thread locked Subscribe |
Jan 9th 2007 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!