** HEADS UP** IE vulnerability
Results 1 to 7 of 7

Thread: ** HEADS UP** IE vulnerability

  1. #1
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003

    ** HEADS UP** IE vulnerability

    Greeting's

    vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
    The vulnerability is caused due to error in the timing of drag-and-drop events when certain objects not derived from HTML documents (e.g. files within a folder view) are dragged. This race condition can be exploited to place arbitrary files on a user's system by tricking the user into interacting with a malicious web

    Solution is :

    Disable Active Scripting support for all but trusted sites.


    For more information :

    FULL DISCLOSURE
    http://archives.neohapsis.com/archiv...6-02/0271.html

    To verify above information :
    http://secunia.com/advisories/18787/

    Microsoft :
    http://blogs.technet.com/msrc/archiv...13/419439.aspx
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  2. #2
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548

    YAIEV

    Yet Another Internet Explorer Vulnerability. To be fair, the chances of a user doing what is necessary for the vulnerability to be exploited are fairly low, but nonetheless possible. IE is just a waste of time - even designers are now giving up using CSS hacks to support it.
    IE7 better be good (if anything made by M$ can be 'good')

    Thank god Dell are now shipping Firefox on their PCs! At least there are some solid, stable browsers in the world...
    TAZForum <---- click

  3. #3
    Senior Member JonnyFrond's Avatar
    Join Date
    Jan 2006
    Posts
    238
    Evening peeps,

    Just out of interest, what is the best way do leave IE if you do use a different browser instead, because I am aware that you cannot just uninstall IE due to the way it integrates with the operating system.

    I personnally have just left it, and disabled it in Zone Alarm. Is that a good way to leave it?


    The ever curious Jo??Y Fro?d
    Sarcasm is a way of life

  4. #4
    Blast From the Past
    Join Date
    Jan 2003
    Posts
    729
    *sigh*

    *hugs slackware box*
    work it harder, make it better, do it faster, makes us stronger

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    J_K9,

    ďTo be fair,Ē youíre hoisting the Firefox banner next to your snake oil stand. IE not solid, stable and a waste of time? MS canít make anything good?? Oh my!

    No - Iím gonna resist, Iím not going to do it! Let him believe what he wants...lol

    ROTFL



    JonnyFrond;

    You can leave it in that state if you want. No harm. It can be deleted, but a lot less work to just let it be. If you want to scroll through my posts, youíll find one on deleting IE and setting up another browser in its place. However, you will encounter problems later when patching Windows etc. Obviously it will be looking for IE.

    cheers
    Connection refused, try again later.

  6. #6
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Originally posted here by Relyt
    J_K9,

    ďTo be fair,Ē youíre hoisting the Firefox banner next to your snake oil stand. IE not solid, stable and a waste of time? MS canít make anything good?? Oh my!

    No - Iím gonna resist, Iím not going to do it! Let him believe what he wants...lol

    ROTFL
    Are you assuming that because I was referring to there being solid, stable browsers in the world that IE is not one of those? And that M$ can't make anything good, when in fact I meant that all their software's brilliant? You see - it's all in the way you read it....

    lmao
    TAZForum <---- click

  7. #7
    I don't think security advisors will call this vulnerability critical. But it is still 1 for Firefox and 0 for IE.
    The access to the computer or
    anything else that shows us how the
    world works must be total and
    unlimited.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •