[Full-disclosure] Internet Explorer Ver6.0.2800.1106 vulnerability
- From: angray at beeb.net (Aaron Gray)
- Subject: [Full-disclosure] Internet Explorer Ver6.0.2800.1106 vulnerability
- Date: Tue May 30 01:10:06 2006
>No *obvious* way to inject code. Don't rule out something like this
>working:
>
><script>
>var exploit96 = "some long-ass string that's just printable-96 chars"
>var wwidth = (window.innerWidth)?yadda yadda...
>
>and exploit96 just happens to end up someplace interesting/useful, and
>gets successfully interpreted as executable code.....
>
>A few years ago, somebody found an interesting overflow-the-environment
>bug in a lot of telnetd's. Of course, the *tough* part was the fact
>that you had to cram literally 45 megabytes or so of crap down telnetd's
>throat first, to get the memory layout where you needed it for when
>something overflowed a buffer......

Ah, I am enlightened. Pretty bloody tricky thing though.

Aaron