funsec mailing list archives

Extremely critical Windows XMLHTTP ActiveX 0-day reported

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 5 Nov 2006 02:19:35 +0200 (EET)

More information is available via

Microsoft Security Advisory #927892
"Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution"
http://www.microsoft.com/technet/security/advisory/927892.mspx

"Microsoft XMLHTTP ActiveX Control Code Execution Vulnerability"
http://secunia.com/advisories/22687/

and

"ActiveX - reason of the newest Windows 0-day, again"
http://blogs.securiteam.com/?p=717

This code execution vulnerability is target of active exploitation already.

- Juha-Matti


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Extremely critical Windows XMLHTTP ActiveX 0-day reported Juha-Matti Laurio (Nov 04)
- Re: Extremely critical Windows XMLHTTP ActiveX 0-day reported Florian Weimer (Nov 05)