Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: IE unspecified remote code execution vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
IE unspecified remote code execution vulnerability
Bugtaq has a report of an unspecified remote code execution vulnerability for IE 6 (it doesn't say IE 7 is *not* vulnerable, it doesn't say anything). The post is complete with proof-of-concept code.  The vulnerability would allow an attacker to run code with the permissions of the user running IE. There is a 4 page paper in PDF format that discusses the bug.  At this point I haven't seen any other advisories.  More information when we have it.

Cisco (??) has an advisory out on this one.  They state it is anything IE 6 SP2 and before, which I read to imply IE 7 is fine.  More specific info is included here. The problem exists with WScript.Shell which allows malicious JavaScript to do some nastiness to your machine.  Long and short, it could be ugly, it might not be.  More info is needed.  But it's another exploit that requires bringing the victim to the exploit.

This is actually code to do the same thing as CVE 2006-4704, i.e. exploit the same bug, so it's not all the new.
John Bambenek
bambenek /at/ gmail (dot) com

262 Posts
ISC Handler
Nov 1st 2006

Sign Up for Free or Log In to start participating in the conversation!