ISC: Concurrency strikes MSIE (potentially exploitable msxml3 flaws) (NEW)
Published: 2007-01-05,
Last Updated: 2007-01-05 05:35:34 UTC by Adrien de Beaupre (Version: 1)
As reported on full-disclosure, MS Internet Explorer is vulnerable to a race condition. The PoC is a Denial of Service, it causes IE 6 to stop responding when tested, other versions are also likely vulnerable. Likely more to report on this flaw in the AM. The author reports that it is possible this issue could lead to remote compromise.
Cheers,
Adrien de Beaupre
Link to SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System