SANS: New exploit released for the WMF vulnerability


On New Year's eve the defenders got a 'nice' present from the full disclosure community. The source code claims to be made by the folks at metasploit and xfocus, together with an anonymous source.

Note: We have been able to confirm that this exploit works. We are in the process of getting information to AV vendors ASAP. We can also confirm that having the file and simply opening the directory can be enough to get the exploit running. SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System

Linked by shanmuga Saturday, 31st December 2005 9:37PM