Description: Demonstration of Metasploit Framework with BackTrack 5 R2
============================================
Author:
=======
Mzer0 :
http://www.4xsecurityteam.com
http://twitter.com/4xsecurityteam
Disclaimer:
===========
Educational purposes only.
CVE
===
CVE-2012-1889 Microsoft XML Core Services Vulnerability
Tested on
=========
Windows XP SP3 + IE 7.05730.13
Description :
=============
This module exploits a memory corruption flaw in Microsoft XML Core Services when trying to
access an uninitialized Node with the getDefinition API, which may corrupt memory allowing
remote code execution. At the moment, this module only targets Microsoft XML Core Services
3.0 via IE6 and IE7 over Windows XP SP3.
Tags: metasploit , ie , microsoft , Vulnerability ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
IE6 and IE7 has also another vulnerability. check out this for more detail
http://www.metasploit.com/modules/exploit/windows/browser/ms10_018_ie_behaviors