funsec mailing list archives
MS 0day
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Tue, 7 Nov 2006 09:06:24 -0500
http://secunia.com/advisories/22687/ http://www.microsoft.com/technet/security/advisory/927892.mspx Microsoft is investigating public reports of a vulnerability in the XMLHTTP 4.0 ActiveX Control, part of Microsoft XML Core Services 4.0 on Windows. We are aware of limited attacks that are attempting to use the reported vulnerability. Customers who are running Windows Server 2003 and Windows Server 2003 Service Pack 1 in their default configurations, with the Enhanced Security Configuration turned on, are not affected. Customers would need to visit an attacker's Web site to be at risk. We will continue to investigate these public reports. ------------------ I cant tell if this is related to the ie_createobject vuln or not.. -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- MS 0day Dude VanWinkle (Nov 07)
- <Possible follow-ups>
- Re: MS 0day Roger Thompson (Nov 07)
- Re: MS 0day Dude VanWinkle (Nov 07)
- Re: MS 0day Juha-Matti Laurio (Nov 07)