IE, mshtml.dll, oledb32.dll and vulnerability in XML parsing / data binding

Saulius Krasuckas saulius2 at ar.fi.lt
Sun Dec 14 16:03:42 CST 2008


Hello,

I noticed article about some IE issue: [1]

And couldn't stop smiling at the amount and spectre of the workarounds 
needed to prevent attacks ;)

And maybe Jacek (or some other mshtml guy) could test Wine's html engine 
against the external test case [2] to see whether we are better at 
handling [3] such XMLs.


[1] http://www.pcmag.com/article2/0,2817,2336831,00.asp
[2] http://www.milw0rm.com/exploits/7410
[3] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4844



More information about the wine-devel mailing list