Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Topic of Interest: Internet Explorer Vulnerability test
#1
Internet Explorer Command Execution Vulnerability Test

Introduction

Some vulnerabilities have been discovered in Internet Explorer, which allows a malicious web site to execute arbitrary commands or install code on your computer without any user interaction.

A demonstration of the vulnerability is available for users running Internet Explorer 6 with Windows XP SP2 installed.

Test Case / Demonstration

Click the link below in order to test whether or not your system is vulnerable. This test is designed to work on Internet Explorer 6 with Windows XP SP2 installed.

Test Your System
Test Now - Left Click On This Link

Please note: If you wish to run the test multiple times, then please refresh this page before each test. The test requires that you have Windows installed in "c:/windows/".


What Happens When You Run The Test
When clicking the link above the exploit will be invoked. The exploit will launch "cmd.exe" (Command Prompt), which then will open a Secunia web page using "iexplore.exe" (Internet Explorer).

This test asks you to click a link before the exploit will run, this however, is not required for the vulnerability to work. The vulnerability can be exploited completely automatically by simply visiting a web site.


Result
You are vulnerable if a new Internet Explorer window opens, displaying a new Secunia web page.


Credits
The test is based on PoC by ShredderSub7.

PoC and test based on research by:
* ShredderSub7
* Paul, Greyhats Security
* Michael Evanchik
* Roozbeh Afrasiabi
* http-equiv


###############

To see this article and to do the tests go to

http://secunia.com/internet_explorer_com...lity_test/
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Mozilla / Mozilla Firefox Frame Injection Vulnerability TheDuck 1 3,813 09-06-2005, 09:36 PM
Last Post: Jangar
  NB - Firefox/Mozilla vulnerability TheDuck 4 4,808 18-05-2005, 05:01 PM
Last Post: FlyingBok
  User websites of interest ConsiderThis 1 3,383 27-03-2005, 07:07 PM
Last Post: ForumAdmin
  more about internet explorer mcamp999 0 3,791 18-01-2005, 04:03 PM
Last Post: mcamp999
  internet explorer the facts? mcamp999 1 3,625 05-01-2005, 06:44 PM
Last Post: Ameniatha
  security vulnerability msn messenger angelbabe 0 3,199 23-03-2004, 10:39 PM
Last Post: angelbabe
  telephone calls internet jimswin 20 11,466 01-03-2004, 05:34 AM
Last Post: jimswin
  Problems with internet explorer lols 8 7,113 01-02-2004, 10:08 PM
Last Post: Hampshire Hog
  Fast, reliable, affordable internet Newsroom 0 5,096 Less than 1 minute ago
Last Post:

Forum Jump:


Users browsing this thread: 1 Guest(s)