Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Internet Explorer msxml3 concurrency problems: update - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Internet Explorer msxml3 concurrency problems: update
The CVE-2007-0099 vulnerability has a potential for remote code execution that could make it much more critical than a plain DoS problem as demonstrated by the publicly known exploit.

In our interactions we have been led to believe that the remote code execution vector is too hard to control to be of any practical use to the hackers. Therefore we updated our overview table to reflect a Less Urgent need to act on it.

--
Swa Frantzen -- net2s.com
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!