Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: New IE 0-Day Drag-N-Drop-N-PopUnder-N-GrabFocus-N-DoTheHokeyPokey Vuln. SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New IE 0-Day Drag-N-Drop-N-PopUnder-N-GrabFocus-N-DoTheHokeyPokey Vuln.
Info on a new "0-day" IE Drag-n-Drop vulnerability can be found here.  All things considered, it looks to be a might bit "complex" to come off well, but it may very well be usable.  However, I would say that it'll probably be sitting near the bottom of the list of most popular attacks as long as we still have machines out there vulnerable to WMF and other, easier to do, nasties.
Tom

160 Posts
ISC Handler
Feb 13th 2006

Sign Up for Free or Log In to start participating in the conversation!