[Full-disclosure] COM objects and MSIE vulnerabilities recap + additional fix

Disclaimer: The information in this email is distributed WITHOUT ANY WARRANTY, TO THE EXTENT PERMITTED BY APPLICABLE LAW; without even the implied warranty of CORRECTNESS or FITNESS FOR A PARTICULAR PURPOSE. You know the drill... Affected products: Various COM objects when loaded in Microsoft...

ie_dhtml_poc.txt

Details and PoC code for MSIE DHTML Object handling vulnerabilities are available online at my website: http://www.edup.tudelft.nl/bjwever Note: page is not up-to-date, since it was written in August/September 2004. Additional information will be added when found during testing of MS05-20 patch...