Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Determina zero-day fix for CVE-2006-3730 (WebViewFolde

from [Alexander Sotirov] Network Security [Permanent Link]
Subject: [Full-disclosure] Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow)
Date: Fri, 29 Sep 2006 12:18:58 -0700 
Determina has released a free, downloadable fix for the WebFolderIcon setSlice
vulnerability. This standalone fix for Internet Explorer will prevent this
critical vulnerabilty from being exploited until Microsoft is able to issue a
patch. Desktop users without proactive protection against vulnerability exploits
may consider installing this fix if they believe they might have exposure to
web-based attacks.

The fix can be downloaded from http://www.determina.com/security.research/ and
includes full source code. The fix applies to all versions of Windows 2000, XP
and 2003. The fix patches the flawed code in memory when a vulnerable version of
the ActiveX control in Internet Explorer is running, without affecting any files
on disk or disabling any browser functionality. It should also not interfere
with the installation of a Microsoft patch when one becomes available.

We're also researching additional exploitation vectors. The underlying cause of
the setSlice vulnerability is an integer overflow in COMCTL32.DLL, a core
Windows component used by a large number of applications. The WebViewFolderIcon
ActiveX control is most likely only one of the attack vectors for this
vulnerability.


Alex Sotirov

Security Research
Determina Inc.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow), Alexander Sotirov <=
Previous by Date:  [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities, security
Next by Date:  rPSA-2006-0175-2 openssl openssl-scripts, rPath Update Announcements
Previous by Thread:  [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities, security
Next by Thread:  rPSA-2006-0175-2 openssl openssl-scripts, rPath Update Announcements
Indexes:  [Date] [Thread] [Top] [All Lists]