Microsoft Outlook Express MHTML Redirection Local File Parsing Vulnerability

Liu Die Yu has released a proof of concept exploit designed to exploit the issues described in BID 9105, 9107 and 9109 to execute arbitrary executables. The proof of concept 1stCleanRc-Xp.zip and a document describing the exploit is available at the following location:

http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/index.html

The exploit 1stCleanRc-Xp.zip is linked below.

Liu Die Yu has made a number of proof-of-concepts available at the following website:
http://www.safecenter.net/UMBRELLAWEBV4/DirSvc/security/trie/index.html


 

Privacy Statement
Copyright 2010, SecurityFocus