Wednesday, November 3, 2010

CVE-2010-3962 - yet another Internet Explorer RCE

Update - November, 12 2010:
Amnesty International Hong Kong Website Injected With Latest Internet Explorer 0-day

Update - November, 5 2010:
CVE-2010-3962 - BindShell proof of concept:

Metasploit Module

More on the IE 0-day - Hupigon Joins The Party

Update - November, 4 2010:
the memory corruption proof of concept is (place the following code as is within a HTML file):


Microsoft Internet Explorer CSS "clip" Attribute Memory Corruption

November, 3 2010:
New IE 0-Day used in Targeted Attacks

The issue seem related to a "use after free" bug when are parsed some CSS tags sequence.
Once of the implicated malware seem a Backdoor.Pirpi variant.

Other links:

Microsoft Security Advisory 2458511 (workaround included)

No comments:

Post a Comment