by nbpoole
4715 days ago
Not sure why this is getting voted up so much. The author came across a report of IE freezing/crashing, replicated it, and Microsoft fixed it. In the same security update (http://technet.microsoft.com/en-us/security/bulletin/ms13-03...) there are 10 other vulnerabilities described in the same way. Why is this particular vulnerability noteworthy or interesting, other than the fact that someone stumbled across it and documented it before it ended up reported to Microsoft?

In fact, CVE-2013-1297 from that same security update (which I didn't know existed until now) is far more interesting from a security perspective (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1...).

Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."

Similar JSON information disclosure can be very serious for a web application. http://haacked.com/archive/2009/06/24/json-hijacking.aspx describes the general issue in some depth. The fact that it was possible to use VBScript as a way to read in cross-domain JavaScript is very important from a security perspective.
|
It may not be dropping any new super-advanced fuzzing or exploit techniques, but it's the story about a guy who did the legwork to run down the exploitability of a bug from public crash reports.