February 12th, 2002 09:35 PM
IE vulnerable again
GFI has recently discovered a security flaw within Internet Explorer which allows a malicious user to run arbitary code on a target machine as it attempts to view a website or an HTML email. The problem is exploited by embedding a VBA code within a Access database file (.mdb) within an Outlook Express email file or Multipart HTML (mht) file.
----[Proof of concept Exploit:
A live example of the named exploit is available on:
Read full article at www.xatrix.org