ie_dhtml_poc.txt

2005-04-18T00:00:00
ID PACKETSTORM:37192
Type packetstorm
Reporter SkyLined
Modified 2005-04-18T00:00:00

Description

                                        
                                            `Details and PoC code for MSIE DHTML Object handling vulnerabilities are available online at my website:  
http://www.edup.tudelft.nl/~bjwever  
Note: page is not up-to-date, since it was written in August/September 2004. Additional information will be added when found during testing of MS05-20 patch.  
  
Cheers,  
SkyLined  
  
PS. I was pretty surprised nobody asked me why I went from Internet Exploiter 1 to Internet Exploiter 3.... so now you know.  
  
.-----------------------------------,  
/ Berend-Jan Wever aka SkyLined )  
/ skylined@edup.tudelft.nl / \  
/ http://www.edup.tudelft.nl/~bjwever / /  
/ PGP key ID 0x48479882 / /  
/ .----. , / /  
/ ( ' / / . __ __/ / /  
/ `'-._ /.' | / / / ( / /_.'.' / / /  
( ) / ) |/ / / / ) (__ (__/ / /  
\-------' ------` '-----------------< /  
\______.`\______\/\_________________\/  
  
  
The information contained in this e-mail, if any, is often incorrect and  
probably plagiarized. It is intended solely for the amusement of the addressee.  
If you are not the intended recipient, my bad. Any action taken or omitted to  
be taken in reliance on the information in this message is your problem. Please  
notify me immediately if you have received it in error by reply e-mail and then  
delete this message from your system and any files in it's vicinity.  
  
I endeavour to ensure that my emails and any attachments are free from viruses,  
content, value or other contaminants. However, I cannot accept any  
responsibility might something worthwhile accidentally slip in. I therefore  
recommend you do not read them at all just to be sure.  
  
Please note that the statements and views expressed in this email and any  
attachments are completely chosen at random by the author and do not  
necessarily represent anything coherent, relevant or usefull.  
`