Nine new Internet Explorer vulnerabilities
by Volker Weber
GreyMagic released nine vulnerabilities today, eight of them rated critical.
With all of them combined, an attacker can easily steal private local documents, steal cookies from any site, forge trusted web sites, steal clipboard information and even execute arbitrary programs.
As always, full details and an online demonstration of all nine new vulnerabilities are available.
Comments
I've tested the vulnerabilities on IE 6.0 SP1 and none of theme was executable. On all the same message: "Error on injecting: - no access to object". Seemed that sp1 fixes these problems.
Dirk Bartkowiak, 2002-10-24
