Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: RE: What is your take on the recent IE Problems

RE: What is your take on the recent IE Problems

From: Tran, John <John.Tran_at_unisys.com>
Date: Mon, 1 Dec 2003 12:06:02 -0500

Microsoft say that there will be another patch release early in December to fix these issue. There next date for patch release is on December 9th. This MESON-048 has been giving me problem the first time my company installed it on user machine. I advise to wait for the next patch release to installed.

-----Original Message-----
From: Rob McShinsky [mailto:Rob_at_McShinsky.com]
Sent: Monday, December 01, 2003 10:05 AM
To: security-basics_at_securityfocus.com
Cc: focus-virus_at_securityfocus.com
Subject: What is your take on the recent IE Problems

What do you think are the real realworld possibilities of a problem?

(1) HIGH: Microsoft Internet Explorer Multiple Vulnerabilities

Affected Products:

Internet Explorer 6.0

Possibly Internet Explorer versions 5.01 and 5.5

Description:

Multiple new vulnerabilities have been reported in Internet Explorer which
can be exploited in tandem by a malicious website to execute arbitrary code
and/or access sensitive information on a system running a fully patched
browser (with the latest MS03-048 patch installed).

Technical details and proof-of-concept exploits have been posted.

Status: Vendor has not confirmed, no patch is available.

Council Site Actions:

Due to the late-breaking nature of this problem, we were unable to solicit
input from the council sites.

References:

Postings by Liu Die Yu (discovered the vulnerabilities)
http://archives.neohapsis.com/archives/fulldisclosure/2003-q4/2906.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0309.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0302.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0308.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0307.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0305.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0303.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0298.html

http://archives.neohapsis.com/archives/bugtraq/2003-11/0297.html

Secunia Advisory

http://www.secunia.com/advisories/10289/

---------------------------------------------------------------------------
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Dec 01 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos