IE6 and IE7 0-Day Exploit Reported

Rmus · Nov 22, 2009

IE6 and IE7 0-Day Reported
http://isc.sans.org/diary.html?storyid=7624

According to VUPEN security:

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system.
Click to expand...

Zero-Day Internet Explorer Exploit Published
http://www.symantec.com/connect/blogs/zero-day-internet-explorer-exploit-published

The exploit targets a vulnerability in the way Internet Explorer uses cascading style sheet (CSS) information. CSS is used in many Web pages to define the presentation of the sites’ content.

For an attacker to launch a successful attack, they must lure victims to their malicious Web page or a Web site they have compromised.

In both cases, the attack requires JavaScript to exploit Internet Explorer.
Click to expand...

At this time, no web sites with the exploit code have been reported.

----
rich

Log in or Sign up

IE6 and IE7 0-Day Exploit Reported

Rmus Exploit Analyst

Log in or Sign up

IE6 and IE7 0-Day Exploit Reported

Rmus Exploit Analyst

Useful Searches