Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
info
discussion
exploit
solution
references
Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerability
References:
Clarification on the various workarounds from the recent IE advisory
(Microsoft)
Alert: IE70DAY attack code has been linked to the use of trojan horse
(GreySign)
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
(CWE)
Microsoft Internet Explorer Homepage
(Microsoft)
Microsoft Security Advisory 961051 Updated
(Microsoft Security Response Center (MSRC))
Microsoft Security Bulletin Advance Notification for December 2008
(Microsoft)
MS08-078 and the SDL
(Microsoft)
New Web attack exploits unpatched IE flaw
(Robert McMillan)
ASA-2008-510 - MS08-078 Security Update for Internet Explorer (960714)
(Avaya)
EEYEZD-20081209 Microsoft Internet Explorer 7 XML Zero-Day
(eEye Digital Security)
HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Pat
(HP)
Microsoft Security Advisory 961051
(Microsoft)
Microsoft Security Bulletin MS08-078
(Microsoft)
Nortel Response to Microsoft Security Bulletin MS08-078
(Nortel Networks)
VU#493881 - Microsoft Internet Explorer 7 XML parsing memory corruption
(US-CERT)
Privacy Statement
Copyright 2008, SecurityFocus
