It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground. The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates. ISC reports […]
Tags: 0 day exploit, 0day, 0day ie exploit, hacking internet explorer, hacking-windows, IE, IE-exploit, ie7, ie7 exploit, internet explorer security, internet explorer vulnerability, internet-explorer, internet-explorer-7, internet-explorer-exploit, patch-tuesday, remote code execution, windows vulnerability, windows-security
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a CommentOur Polish friend and expert security researcher, Michal Zalewski (lcamtuf), known for his endless stream of vulnerabilities in all manners of software, has struck again. This time with some pretty serious flaws in both Internet Exploder Explorer and Firefox. This time it’s 4, 2 in IE and 2 in Firefox. The first which effects fully […]
It seems the recent fake login flaw effects both Internet Exploder and Firefox. Good to keep alert and with the new update mechanism it’s very simple to update your Firefox installation. The latest versions of both Firefox and Internet Explorer are vulnerable to an unpatched flaw that allows hackers to snaffle users’ login credentials via […]
Tags: firefox-flaw, firefox-hacking, hacking, IE, IE-flaw, IE-hacking, internet-explorer, vulnerabilities
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a CommentThis was a while back, but with Microsoft’s security record it’s pretty much inevitable.. Even before release (as with Vista) flaws were found. Introduction A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information. Please use the test below, to see an example of how […]
Tags: explorer-7, hacking-windows, IE, ie-7, ie7, internet-explorer, internet-explorer-7, microsoft, vista, windows
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a CommentCross Site Scripting, or know as XSS, is the most common basic web hacking technique… and harmless, as many would say… but on this matter I don’t really agree, that’s why I wrote this article. About XSS as I knew it is a very abstract definition for JavaScript injection, or at least this is what […]
Tags: backbone, cookie, firefox, html, IE, internet-explorer, Javascript, Opera, XSS
Posted in: General Hacking, Web Hacking | Add a CommentWhat? New vulnerabilities in Internet Explorer? You can hack Internet Exploder Explorer? Never! 3Com Corp’s TippingPoint division has discovered and disclosed two critical new vulnerabilities in Microsoft’s Internet Explorer through 3Com’s Zero Day Initiative (ZDI). The vulnerabilities could have allowed an attacker to gain control of a PC if the user was logged in with […]
I know this is old, but a lot of people still don’t know about it. It can test for up to date Mozilla, Opera and Internet Explorer flaws, exploits and vulnerabilities. Browser vulnerabilities are a serious issue now. You can see which vulnerabilities they test for here and the statistics of the tests results here. […]
Tags: bcheck, browser-security, computer-security, firefox, firefox-security, hacking, IE, IE-security, internet-explorer, scanit
Posted in: Countermeasures | Add a CommentCan you see the irony? Just after 2 weeks that M$ released the Internet Explorer security makeover, Michal Zalewski came up with a highly critical exploit, as called by Secunia… based on a mishandling of the OBJECT tag…. Security alerts aggregator Secunia flagged the issue as “highly critical” and stressed that it can be exploited […]
Tags: antitrust, exploit, IE, internet-explorer, michael-zalewski, microsoft, object, vulnerability
Posted in: Exploits/Vulnerabilities | Add a CommentI recently found on securityfocus mailinglist a bug in IE which can be exploited with a simple javascript code to spoof the address bar location… This allow attacker inject a malicious shockwave-flash application into Internet Explorer while it is display another URL (even trusted sites). The vulnerability has been confirmed on a fully patched system […]
Tags: antitrust, browser-spoof, IE, IE-exploit, internet-explorer, spoof, vulnerability
Posted in: Exploits/Vulnerabilities | Add a CommentInternet Storm Center’s always informative Diary has some good information. At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results: Software-based DEP protecting core Windows programs: sploit worked Software-based DEP protecting all programs: sploit worked DropMyRights, config’ed to allow IE to […]
Tags: browser, darknet, exploit, firefox, hack, hacking, IE, IE-exploit, internet-explorer-exploit, poc, vulnerability, windows
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
