-
February 14th, 2006, 08:53 PM
#1
** HEADS UP** IE vulnerability
Greeting's
vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to error in the timing of drag-and-drop events when certain objects not derived from HTML documents (e.g. files within a folder view) are dragged. This race condition can be exploited to place arbitrary files on a user's system by tricking the user into interacting with a malicious web
Solution is :
Disable Active Scripting support for all but trusted sites.
For more information :
FULL DISCLOSURE
http://archives.neohapsis.com/archiv...6-02/0271.html
To verify above information :
http://secunia.com/advisories/18787/
Microsoft :
http://blogs.technet.com/msrc/archiv...13/419439.aspx
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|