Zero-day Flaw in Internet Explorer Revealed
Aviv Raff, Security Researcher from Israel, published on May 14, 2008, detailed information relating to a zero-day flaw in Microsoft's Internet Explorer browser.
In previous week, Raff kept a "treasure trove" on his Website where he hid the vulnerability's exploit code. In conjunction with a contest winner, which Raff named "George the Greek", the researcher published the vulnerability's details.
Raff explained that the fault is in the "Print Table of Links" feature, which allows IE users to take prints of a Web page together with a table of links compiled at the end of that page. Raff discovered that for an attacker, who added a special script to a page, it was possible for him to run software without authorization on the computers of IE users ...
» SPAMfighter News - 26-05-2008