Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Concurrency strikes MSIE (potentially exploitable msxml3 flaws) SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Concurrency strikes MSIE (potentially exploitable msxml3 flaws)
As reported on full-disclosure, MS Internet Explorer is vulnerable to a race condition. The PoC is a Denial of Service, it causes IE 6 to stop responding when tested, other versions are also likely vulnerable. Likely more to report on this flaw in the AM. The author reports that it is possible this issue could lead to remote compromise.

CVE will be CVE-2007-0099

Adrien de Beaupre I will be teaching next: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques - SANS London November 2021 - Live Online

Adrien de Beaupre

353 Posts
ISC Handler
Jan 9th 2007

Sign Up for Free or Log In to start participating in the conversation!