Gray Hat Hacking, Second Edition

Prev | Current Page 647 | Next

Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"

answers.com/topic/download-ject
http://xforce.iss.net/xforce/alerts/id/177
Ibiza Attacks www.securityfocus.com/bid/9658/exploit
Microsoft??™s Download.Ject response www.microsoft.com/security/incident/download_
ject.mspx?info=EXLINK
MS04-040 (IFRAME Tag Parsing Buffer Overrun)
The next client-side vulnerability that was used in widespread attacks was an HTML
parsing vulnerability in Internet Explorer. Michal Zalewski in October 2004 wrote an
Chapter 15: Client-Side Browser Exploits
365
PART IV
HTML fuzzer that he called MangleMe. He used it to find several Internet Explorer
crashes that he posted to Bugtraq along with a copy of his tool. A hacker named ned
then used a Python port of this tool to find a simple bug that ended up being abused by
hackers for years afterward.

Beta Book

Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"