IE Object Type Overflow Exploit

From: ashat_private
Date: Wed Jul 09 2003 - 05:13:32 PDT

Next message: Matt Zimmerman: "[SECURITY] [DSA-343-1] New skk, ddskk packages fix insecure temporary file creation"

Previous message: Mike Bommarito: "Tomcat Dangerous Documentation/Tomcat Default Plaintext Password Storage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

		     _,'|             _.-''``-...___..--';)
                     /_ \'.      __..-' ,      ,--...--'''
                    <\    .`--'''       `     /'
                    `-';'               ;   ; ;
               __...--''     ___...--_..'  .;.'
           fL (,__....----'''       (,..--''  felinemenace.org

Attached is an exploit for the Internet Explorer Object type  overflow found 
by eEye.

This exploit uses more than 56 bytes for payload unlike the only other publicly
released exploit i could find by Sir Alumni.

More details can be found within the archive.
Please read the text file before running this exploit, keep in mind it does
download a trojan.

-FelineMenace

application/x-tar attachment: fm-IE.tar

Next message: Matt Zimmerman: "[SECURITY] [DSA-343-1] New skk, ddskk packages fix insecure temporary file creation"
Previous message: Mike Bommarito: "Tomcat Dangerous Documentation/Tomcat Default Plaintext Password Storage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 09 2003 - 11:34:05 PDT