Slashdot Mirror


IE 7.0/8.0b Code Execution 0-Day Released

SecureThroughObscure writes "Security blogger and researcher Nate McFeters blogged about a 0-day exploit affecting IE7 and IE8 beta on XP that was released by noted security researcher Aviv Raff. The flaw is a 'cross-zone scripting' flaw that takes advantage of the fact that printing HTML web pages occurs in the Local Machine Zone in IE rather than in the Internet Zone. Quoting McFeters's post: 'This is currently unpatched and in all of its 0-day glory, so for the time being, beware printing using the "print table of links" option when printing web pages.' McFeters and others will be presenting at Black Hat on the link between cross-site scripting and cross-zone. Rob Carter has been hitting this hard over at his blog, pointing out cross-zone weaknesses in Azureus, uTorrent, and the Eclipse platform."

13 of 131 comments

  1. Amazing by duplicate-nickname · · Score: 5, Funny

    I didn't even know that "Print table of links" was an option for printing in IE until today. My guess is that no one actually uses that feature, and this 0-day exploit affects roughly 0 people.


    1. Re:Amazing by Anonymous Coward · · Score: 5, Funny

      You're forgetting about another MSIE feature, a TWAIN plugin called "Scan table of links".

  2. Usage by Wowsers · · Score: 5, Funny

    People still use Internet Exploder?

    --
    Take Nobody's Word For It.
  3. For using IE since 2.X... by AioKits · · Score: 3, Funny

    I can safely say I did not know this ability even existed. (Don't hurt me! I use Firefox at home! Honest! I even brought some FF t-shirts and the laptop tote.)

    --
    "Quote me as saying I was mis-quoted." -Groucho Marx
  4. To view this article on one page... by Thelasko · · Score: 5, Funny

    please select the printable version.

    end sarcasm

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  5. Re:Proof by morgan_greywolf · · Score: 1, Funny

    Exactly. I knew you'd see it my way.

  6. Re:yes, I use it by Just Some Guy · · Score: 2, Funny

    Sorry, I could not keep from modding this funny.

    It didn't take.

    --
    Dewey, what part of this looks like authorities should be involved?
  7. Re:Must we highlight every bug in IE? by Vexorian · · Score: 2, Funny

    God forbid this site bashed Windows.

    --

    Copyright infringement is "piracy" in the same way DRM is "consumer rape"
  8. Oh yeah? by Spy der Mann · · Score: 3, Funny

    yes, I use Internet Explorer in Windows Vista that is the safest browser because it runs with the lowest privileges possible in a sandbox (IE7 Protected mode).


    Oh yeah? I use Internet Explorer in XP under non-admin mode in a virtualbox install on Cygwin on a virtualbox install of XP inside a Linux virtualbox install under a SELinux host!

    HAH! Take that!
  9. Printer-friendly version by 6Yankee · · Score: 2, Funny
  10. Re:yes, I use it by Anonymous Coward · · Score: 1, Funny

    I appreciate the honesty that your name portrays.

  11. Re:Proof by keytoe · · Score: 3, Funny

    Your markup is incorrect - you left the slash off your closing Pffft. tag.

  12. Re:0-day by An ominous Cow art · · Score: 4, Funny

    Yeah, the term has definitely been bricked.