RE: Vulnerable cached objects in IE (9 advisories in 1)

From: GreyMagic Software (securityat_private)
Date: Wed Oct 23 2002 - 02:02:52 PDT

Next message: Rapid 7 Security Advisories: "R7-0008: IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues"

Previous message: securityat_private: "Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code"
In reply to: jelmer: "Re: Vulnerable cached objects in IE (9 advisories in 1)"
Next in thread: Thor Larholm: "RE: Vulnerable cached objects in IE (9 advisories in 1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>The external method flaw also seems to affects my ie6 sp1 browser

Indeed, it was overlooked in the final write-up of the advisory.
It's also worth mentioning that IE6 SP1 is vulnerable to the "clipboardData"
object caching as well, which, unfortunately, wasn't mentioned before.

The advisory and demonstration have been revised to reflect these and IE6
SP1 is again open to local file reading, program execution and clipboard
control in addition to global access to any domain.

http://sec.greymagic.com/adv/gm012-ie/

Next message: Rapid 7 Security Advisories: "R7-0008: IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues"
Previous message: securityat_private: "Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code"
In reply to: jelmer: "Re: Vulnerable cached objects in IE (9 advisories in 1)"
Next in thread: Thor Larholm: "RE: Vulnerable cached objects in IE (9 advisories in 1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 23 2002 - 12:04:38 PDT