Submit your breaking news stories and original articles to us by contacting us
Un-patched IE Flaw Worse Than Expected
Monday, Nov. 28 2005 | Author: jeremySecunia has issued a rare “Extremelly Critical” warning for an un-patched IE flaw that was reported over 6 months ago.
Benjamin Tobias Franz figured out the original problem in March of this year, which can be summarized thusly: IE fails to correctly initialize the JavaScript “Window()” function, when used in conjunction with a event. This means that Internet Explorer encounters an exception when trying to call a dereferenced 32-bit address located in ECX.
If we execute the following code:
CALL DWORD [ECX+8]
ECX will be populated by the Unicode representation of a text string named “OBJECT”, which translates in hex to 0×006F005B. Because offset 0×006F005B points to an invalid (or non-existent) memory location, Internet Explorer fails to execute the next instruction in the stack and the user sees the application crash. This is why the problem was first classified as a Denial of Service.
Please, just go download Firefox.
Category: Uncategorized
Jobs for Bloggers
Blogosphere News
Blog Reviews
Resources
- Forex Trading
- Online Backgammon
- Online Casinos
- Gadzooki
- Gaming Blog
- Geeks Blog
- Australia Web Hosting
- Australia Domain Names
- International Phone Card
- LCD TVs
4 Responses for "Un-patched IE Flaw Worse Than Expected"
November 29th, 2005 at 1:32 am
1Yeah because Firefox is without security holes…
November 29th, 2005 at 2:16 am
2Al, did anyone ever make that claim? No! Switch to Firefox because any security issue will get patched and because its actualy quality code.
Go back to whosoever anus you came form, troll.
November 29th, 2005 at 10:17 am
3Reading about the security nightmare that is IE is similar to reading about another casulty in Iraq: You know it’s bad, but it happens so often that it doesn’t even make you blink.
November 29th, 2005 at 12:01 pm
4Firefox uber alles
RSS feed for comments on this post
Leave a reply