Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Internet » Security Alerts and vulnerabilities » Internet Explorer DHTML Edit ActiveX Control
Register Calendar Gallery Mark Forums Read

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 12-19-2004, 01:54 PM
Mobo's Avatar
Mobo Mobo is offline
Thinking outside the box
  
Join Date: Sep 2004
Location: Cape Breton
Posts: 4,587
Send a message via ICQ to Mobo Send a message via AIM to Mobo Send a message via MSN to Mobo Send a message via Yahoo to Mobo Send a message via Skype™ to Mobo
Thumbs down
The vulnerability is caused due to an error in the DHTML Edit ActiveX control when handling the "execScript()" function in certain situations. This can be exploited to execute arbitrary script code in a user's browser session in context of an arbitrary site.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/internet_explorer_cross...erability_test/

The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.

Solution:
Set security level to high for the "Internet" zone (disable ActiveX support).


Also be sure to check in on windows update for the latest available updates for your operating system ..
Reply With Quote
Posted


  #2  
Old 05-31-2008, 04:25 PM
vainternet vainternet is offline
Junior Member
  
Join Date: May 2008
Posts: 1
Cool Active X Control
This control is stronger, most of it is verified on the client

http://www.youtube.com/watch?v=xwgoMWDByF0
Reply With Quote
Reply

  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
    • Bookmarks

    « Previous Thread | Next Thread »
    Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Display Modes
    Linear Mode Linear Mode

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts
    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off
    Forum Jump

    Similar Threads
    Thread Thread Starter Forum Replies Last Post
    hijack log der Spyware / Virus Removal 46 10-04-2005 07:49 AM
    RSS-Microsoft Security Advisory (906267): A COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit - 8/25/2005 RSS Importer Security Alerts and vulnerabilities 0 08-25-2005 03:00 AM
    eliteuvf32.exe?? AdWare? Alex Spyware / Virus Removal 31 05-17-2005 09:50 PM
    Pop-up crazy MOJET Spyware / Virus Removal 11 03-30-2005 09:22 PM
    Internet Explorer HTML Elements Buffer Overflow Mobo Security Alerts and vulnerabilities 0 12-06-2004 11:32 AM



    All times are GMT -5. The time now is 11:25 AM.

    Contact Us - CyberAnswers - Archive - Privacy Statement - Top

    Firefox 2