A new Internet Explorer bug was published on Monday. It’s been given a CVE (2006-4446) and affects IE 6.0 SP1. It’s worth considering alternative browsers. Details from bugtraq indicate that it’s a buffer overflow in the DirectAnimation.PathControl COM Object (daxctle.ocx)… could cause DoS and possibly remote code execution.
Tag: IE
-
IE 7 INCOMPATIBLE with WORDPRESS blogs using the stattraq plugin
I’ve FINALLY tracked down what was causing the issue with displaying my page in Internet Explorer 7 (RC1). It turns out that the stattraq plugin in WordPress (stattraq site) is part of the problem. Now, I don’t understand exactly WHY… because I do have stattraq on each of the sites, but one… onlineradiotv.com carried this error at the bottom of the page (ONLY in IE7 by the way…) “Fatal error: Call to undefined function: () in /var/www/html/radiotv/wp-content/plugins/stattraq.php on line 90”
The other pages just failed to display as though there was a network problem…. until…
-
Other MS patch news as well as a Yahoo vulnerability?
Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS…
“this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin.”
No timeline yet on when… There are also public exploits out for (possibly related to MS06-046) which is related to the MS Help system.
-
Being cautious on the web…
Incidents.org is reporting on the defacement of a security related web site (winsnort.com). They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What’s more…. Several days ago there was the news that the President of Iran now has a blog (which is ironic in many ways given the restrictions they place on Internet use….) But… anyway, I figured he is getting his propaganda tool out and ready in advance of the UN showdown over the nuclear program. Well, it turns out that some have noticed an interesting gift from the visit to Mr. Ahmadinejad’s site….
-
Mozilla Firefox user-agent spoofing
Sometimes you run across a site that’s a browser snob. You know the type…. you visit it in Mozilla Firefox or (anything other than IE) and it says, “you must use Internet Explorer version 6 or newer to use this site.” Well, some browsers have nice ways of changing the user agent through the menus, and I wouldn’t be surprised if there’s a plugin for this in Firefox (haven’t yet looked.) But, there is a way in about:config.
-
Fasten your seatbelts – Browser vulnerability a day to be announced in July
I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from this SecurityFocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
-
Exploits aplenty – IE / Excel (Firefox?)
There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s bundled into other malware delivery structures…. You might look at alternative browsers, BUT…. be forewarned that one of these vulnerabilities appears to work on a fully patched install of Mozilla Firefox. (According to SANS – the Secunia code doesn’t – but the full disclosure exploit code does affect Firefox.) I’ve seen word of early 1.5.0.5 builds being available – I wonder if that will be modified to fix this issue?
-
Interesting spyware push download tactic…
Incidents.org has another interesting post about a spyware site. One of the handlers ran across it while doing a search for an educational institution. (They’ve used a wildcard in the dns record so that they can get traffic to {fillinkeyword}.nastydomain.com) Anyway… the main page tries to install WinAntiSpyware2006FreeInstall.cab from WinSoftware Corporation, Inc. It gives the little ActiveX control popdown bar and insists that it must be installed to view the page properly. But that’s not the most interesting part…
-
The Vista stories keep coming – Vista bad news for small security companies
VuNet has an article today on the coming of Vista and the imminent doom of the smaller security companies. The hardest hit will be anti-spyware and personal firewall vendors they say. It may well be true, it does sound like a different approach to user permissions (limited privileges by default?) IE7 running in a sandbox, i.e. no permission to touch anything else …. which should cut down on the spread of browser exploits turning machines into spyware infested bots…
-
IE phishing exploit..
There is ANOTHER IE vulnerability that’s come across the news in the last week. It seems that this is currently only a Proof of Concept, I’ll have to check and see if anyone’s reported seeing this in the wild…, but essentially a race condition between a Macromedia Flash file and web content can allow a forged address bar location… in other words it might say www.google.com in the address bar, but you’re actually looking at www.evilhackerplayground.org….