Threat Level: green Handler on Duty: Pasquale Stirparo

SANS ISC: InfoSec Handlers Diary Blog - Internet Explorer msxml3 concurrency problems: update InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Internet Explorer msxml3 concurrency problems: update

Published: 2007-02-06
Last Updated: 2007-02-06 21:45:51 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
The CVE-2007-0099 vulnerability has a potential for remote code execution that could make it much more critical than a plain DoS problem as demonstrated by the publicly known exploit.

In our interactions we have been led to believe that the remote code execution vector is too hard to control to be of any practical use to the hackers. Therefore we updated our overview table to reflect a Less Urgent need to act on it.

--
Swa Frantzen -- net2s.com
Keywords:
0 comment(s)
Diary Archives