Jump to content

Internet Explorer 0-day


mubix
 Share

Recommended Posts

http://www.milw0rm.com/exploits/1606

The original DoS posted earlier this week has gone 0-day with PoC code that remotely executes code. The posted code only executes calc.exe, but more could be done.

!!! WARNING: THE FOLLOWING LINK COULD CRASH YOUR BOX !!!!

http://www.windowspms.com/exploit_test.html

I posted a link if you want to see if you are vulnerable. The above link only does exactly what is posted at milw0rm.

Link to comment
Share on other sites

On Windows 2000 (fully updated) doesn't launch windows Calculator, but after approximately 2 minutes, IE crashes. The system becomes exhaustively slow for a few minutes, but eventually recovers.

Using Firefox 1.5, I get similar results but Firefox doesn't crash -- it hogs system resources though and finally brought up the page after two minutes where I have a check box, but nothing else happens wehter or not the box is checked.

Firefox doesn't crash nor does it launch windows Calculator.

Intel Celeron 2.6Ghz, 256MB DDR 2100 RAM.

Is this a windows Xp exploit only?

-Manuel

Link to comment
Share on other sites

On Windows 2000 (fully updated) doesn't launch windows Calculator, but after approximately 2 minutes, IE crashes. The system becomes exhaustively slow for a few minutes, but eventually recovers.

Using Firefox 1.5, I get similar results but Firefox doesn't crash -- it hogs system resources though and finally brought up the page after two minutes where I have a check box, but nothing else happens wehter or not the box is checked.

Firefox doesn't crash nor does it launch windows Calculator.

Intel Celeron 2.6Ghz, 256MB DDR 2100 RAM.

Is this a windows Xp exploit only?

-Manuel

After reviewing my code to some of the other PoC code. I believe milw0rm may have sanitized the code. I'm working on getting the real exploit.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...