Added: 08/13/2008
CVE: CVE-2008-2259
BID: 30612
OSVDB: 47414
Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command execution when a user loads a specially crafted web page.
Apply the fix referenced in Microsoft Security Bulletin 08-045.
<http://www.microsoft.com/technet/security/bulletin/MS08-045.mspx>
Exploit works on Microsoft Internet Explorer 6.0.2800.1106 and 6.0.2900.2180 and requires the user to load the exploit page, and then refresh the page.
This exploit requires the ability to bind to port 69/UDP on the SAINTexploit host.
Windows 2000
Windows XP