Slashdot Mirror

← Back to Stories (view on slashdot.org)

Extremely Critical IE6/SP2 Exploit Found

Posted by timothy on from the but-don't-worry-they're-on-it dept.

Spad writes "Secunia is reporting on three vulnerabilities in IE6 running on XP SP2. Any of these, in combination with an inappropriate behaviour where the ActiveX Data Object (ADO) model can write arbitrary files, can be exploited to compromise a user's system. Moreover, the vulnerability can be used to delete files from the user's system. Secunia says 'Solution: Use another product.'"

5 of 595 comments (clear)

  1. Mac by Pretendstocare · · Score: 1, Redundant

    /hug ibook

  2. Re:Delete files? by Neuroelectronic · · Score: 0, Redundant

    This should be modded redundant. Anyone who saw that redundantcy (except the poster) didn't have to comment on it because it is obvious that it was said because not everyone knows that.

  3. check if your vunerable by blackest_k · · Score: 1, Redundant

    http://secunia.com/internet_explorer_command_execu tion_vulnerability_test/
    is a test page containing a link if you left click on it and a window opens your vulnerable (it didn't do anything in Firefox)

    --
    Blarney Quality Restaurant, Plants
  4. in other news by Anonymous Coward · · Score: 0, Redundant

    Scientists have determined that water is wet.

  5. What about Moz flaws The Register has as top story by Dr.Knackerator · · Score: 1, Redundant

    Mozilla and Firefox flaws exposed

    "The most serious flaw involves a buffer overflow bug in the way Mozilla processes the NNTP (news) protocol. The bug creates a means for hackers inject hostile code into vulnerable systems, providing they trick users into executing maliciously constructed news server links"


    Of course half the problem with these kinds of 'update your software now' fixes is that so many people dont, even when its a no brain operation like using windows update.