Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Concurrency strikes MSIE (potentially exploitable msxml3 flaws) SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Concurrency strikes MSIE (potentially exploitable msxml3 flaws)
As reported on full-disclosure, MS Internet Explorer is vulnerable to a race condition. The PoC is a Denial of Service, it causes IE 6 to stop responding when tested, other versions are also likely vulnerable. Likely more to report on this flaw in the AM. The author reports that it is possible this issue could lead to remote compromise.

CVE will be CVE-2007-0099

Adrien de Beaupre I will be teaching next: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques - SANS October Singapore 2020

Adrien de Beaupre

353 Posts
ISC Handler
Jan 9th 2007

Sign Up for Free or Log In to start participating in the conversation!