A new advisory by WebSense has pointed to the fact that what was previously a DoS condition, has now been found to be exploitable, and in the wild. This is a vulnerability in ADODB which was disclosed during the Month of Browser Bugs last July (specifically #29), and patched in February as MS07-009.
We will, of course, be on the lookout for developments related to the proliferation of the exploit code into more websites.
Powered by Trac 0.10.4
By Edgewall Software.
Privacy Policy | Terms of Use | Contact Us
This project is sponsored by The MITRE Corporation. Applying systems engineering and advanced technology to critical national problems.
Copyright © 2004-2008, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only. MITRE has no control over content on external sites unless noted.