Concurrency strikes MSIE (potentially exploitable msxml3 flaws)

Published: 2007-01-05
Last Updated: 2007-01-09 02:29:36 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
As reported on full-disclosure, MS Internet Explorer is vulnerable to a race condition. The PoC is a Denial of Service, it causes IE 6 to stop responding when tested, other versions are also likely vulnerable. Likely more to report on this flaw in the AM. The author reports that it is possible this issue could lead to remote compromise.

Update:
CVE will be CVE-2007-0099

Cheers,
Adrien de Beaupre 
Keywords:
0 comment(s)

Comments


Diary Archives