2 matches found
Internet Explorer vulnerable to arbitrary code execution
Overview Internet Explorer contains a vulnerability that may allow arbitrary code execution. According to Microsoft, targeted attacks that attempt to exploit this vulnerability have been confirmed but are limited. Impact If a user views a specially crafted web page, an arbitrary code may be...
Outlook Express Attach Execution Exploit (img tag + innerHTML + TIF dos name)
Using some informations posted on Bugtraq in this week, I found a very simple way to exploit "download&execution" of an .EXE file, directly from Outlook Express. This is my report: When an HTML page attached into a message, is started, it runs in the security zone of "Temporary Internet Files" TI...