Wednesday, March 10, 2010

CVE-2010-0806 - Internet Explorer 6/7 0 day

Some notes about:

Internet Explorer 0-day targeted in spam runs

Targeted Internet Explorer 0day Attack Announced

Robtex queries for the Mcafee reported URLs:


hxxxp:// -

The following exploiter (retrieved from once of the URL posted by McAfee) use Base64 encoding for hiding resources:

This issue it's been detected in the "iepeers.dll". With a good ActiveX fuzzer may be trivial found more info (CLSID: 7E8BC44E-AEFF-11D1-89C2-00C04FB6BFC4). Dranzer seem good enough: try to check for more details.

Metasploit module:

Microsoft Internet Explorer iepeers.dll use-after-free exploit

No comments:

Post a Comment