Cool advisory about ms-its(its) and mk:@MSITStore:protocol handlers. I like the amount of detail supplied. Though due to the detail, it is kinda hard to get the essence of the advisory.
What, exactly, is new about this?
The PoC mentioned in section a) looks very similar to something Jelmer posted a while back [1]
and the second bit like something Arman Nayyeri posted [2]
The PoCs in section b) through g) appear to be implementations of the above (?) but I could be wrong.
And the PoC in section h) seems related to Cert Advisory VU#489721 [3]
Oh, and does anybody know whether this [4] "new IE worm" has anything to do with anything?
With all the recycling of PoC code and releases of different variations of exploits it's kinda hard to understand which vulnerabilities lie at the basis of it all :-/
I vote for more cross-referencing! =)... BID's, CVE-id's and Cert-ID's are usefull =)
bye,
Lise
[1] http://marc.theaimsgroup.com/?l=full-disclosure&m=106332317811095&w=2 [2] http://archives.neohapsis.com/archives/bugtraq/2003-12/0337.html [3] http://www.kb.cert.org/vuls/id/489721 [4] http://archives.neohapsis.com/archives/bugtraq/2004-03/0299.html
_________________________________________________________________ MSN Search, for accurate results! http://search.msn.nl
