[Full-disclosure] MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Tue Jan 15 16:07:55 GMT 2008
On Tue, 15 Jan 2008 15:36:22 +0100, Alla Bezroutchko said:
> Microsoft security bulletin says: "When the security bulletin was
> released, Microsoft had received information that this vulnerability was
> being exploited." However I haven't found any references to an exploit
> in the wild. Checked a few anti-virus databases, but nothing there either.
Note that the mentioned exploit may not show up in an anti-virus database
because it's not in anything that the A/V actually checks (think about why
you rarely see browser exploits in an A/V database - what the A/V lists is
the stuff dumped on the end user's box after the exploit gets things started).
I'd look for things like bleeding-edge Snort signatures and the like.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080115/f51dce99/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.