IE XML Parsing BoF exploit

A new XML based heap corruption exploit has been published on milwOrm, the exploit affects all versions of IE, tested for IE 6.x, IE 7.x, XP SP2, XP SP3 and Vista which endangers your safety if you use Internet Exploiter for browsing.

The exploit allows someone remotely to download/execute anything on your machine.

Kaspersky Antivirus is able to detect and block the execution of the exploit, however, this might not be true if the exploit was hardcoded. Play safe.


an inside look on the exploit has been written by my brother DATA_SNIPER on his blog, click  H E R E to read about it.

3 Responses to “IE XML Parsing BoF exploit”

  1. Microsoft has released a patch for this security issue:


  2. salam alikom
    hi AX nice blog ,keep the good w0rk Up 🙂
    i hav made a litel Article about some malicious idea in this link if you don’t mind
    and ill explain how the Code Execution can be done,in STANDALONE article in the blog.

  3. 3alykom al salam 🙂

    welcome brother and thanks for contributing to the security scene with such wonderful tutorials, keep it up! (thumbup)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: