Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Two serious IE flaws

Two serious IE flaws

by Nikola Strahija on June 30th, 2006 It seems that the already infamous Microsoft Internet Explorer suffers form two serious bugs, one of which might be shared with a fellow browser, Mozilla Firefox.


Both flaws were made public on the Full Disclosure mailing list, by a researcher named Plebo Aesdi Nael. Nael published his proof of concept for fully patched Windows XP SP2 and Internet Explorer 6, and left the possibility of second flaw also affecting Mozilla Firefox.

The first vulnerability, an error in the handling of file shares, seems more benign, as it requires the user to double click on a web site in order to set malicious HTA applications via a a directory traversal attack.

The second vulnerability, an error in the handling of redirections, could allow attackers to get their hands onto sensitive user information, such as usernames and passwords needed for various web accounts, by employing object.documentElement.outerHTML property.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »