Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - Internet Explorer Vulnerability Back From The Dead (raffon.net)

Clown of The Month writes: A vulnerability in Internet Explorer that was discovered almost 3 years ago by cyber_flash, is now demonstrated by security researcher Aviv Raff to automate an exploit of a new vulnerability in Adobe Reader. The old vulnerability allows an attacker to download and open an executable file in an application associated to a different extension. The new vulnerability allows an attacker to execute arbitrary code from remote when opening a manually downloaded PDF file. Combining both vulnerabilities, it is now possible to execute code from remote by clicking on a link in IE7, as shown in a video created by Raff.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Internet Explorer Vulnerability Back From The Dead

Comments Filter:

Intel CPUs are not defective, they just act that way. -- Henry Spencer

Working...