The second vulnerability exists because of flaws associated with the handling of compiled HTML Help (.chm) files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a web page or HTML mail delivers a .chm file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the .chm file in the correct zone – the one associated with the web page or HTML mail that delivered it – the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn’t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

                              The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a .chm file that contains a shortcut, then making use of the flaws to open  it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

ActiveX control vulnerabilities

                         Signed ActiveX controls run as resident programs on your PC with full privileges when loaded through IE. The operating system treats signed code as local code. By default, IE does not prompt the user about this action so long as the code is signed. If someone has access to a certificate, then this type of attack could be very transparent. For example, a malicious hacker could use this in order to load buggy DLLs signed by the original vendor to temporarily downgrade your computer.
 
                          The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a web page hosted on an attacker’s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

 Web page spoofing vulnerability:

•        Like the vulnerability above, this vulnerability would not provide any way to force users to the attacker's web site, and DNS poisoning or other measures would likely be required to exploit it.

•        Any hyperlinks within the page would correctly show the target. As a result, the attacker would need to point these to bona fide locations on the spoofed web site, with the result that the attacker would likely only be able to spoof a single web page, rather than an entire site.
 
 Variants of "Frame Domain Verification" vulnerability:

•        The vulnerability could only be used to read - not add, delete or change files.

•        The attacker would need to know the exact name and location of every file he wished to read.

•        The vulnerability could only be used to read file types that can be opened within a browser window - for example, .htm, .txt or .doc files, but not .exe or .xls files.

Server certificate validation vulnerability:

•        The vulnerability only affects how certificates from web servers are validated. It does not affect how code-signing certificates
or any other type of certificate are validated.

•        The specific checks that might be bypassed vary with both the user and the actions he may have taken during the current browsing session. An attacker could not predict with any degree of certainty which checks might be bypassed in a particular case.

•        The vulnerability does not provide any way to force users to the attacker's web site. It is likely that this vulnerability could only
be exploited in conjunction with a successful DNS poisoning or similar attack.

                           Some vulnerability could enable a web page to display the URL from a different web site in the IE address bar. This spoofing could occur within a valid SSL session with the impersonated site. Both vulnerabilities could be used to convince a user that the attacker's web site was actually a different one - one that the user presumably trusts and would provide sensitive information. However, as discussed in the Mitigating Factors section below, there would be significant hurdles to exploiting either vulnerability.
 
                           Variants of the "Frame Domain Verification" vulnerability could enable a malicious web site operator to open two browser windows, one in the web site's domain and the other on the user's local file system, and to pass information from the latter to the former.

                           This could enable the web site operator to read any file on the user's local computer that could be opened in a browser window.

Web page spoofing

In Web page spoofing the attacker makes you believe you are at a “safe” site when you are really at a site controlled by the hacker. These attacks can include altering IE’s location bar to show the wrong URL, mixing real site content with altered content, and showing the title of the page being spoofed, making it almost impossible to determine that you are not where you think you are.
 
Two vulnerabilities affecting Internet Explorer:
(Both of which could enable an attacker to spoof trusted web sites).
 
The first vulnerability involves how digital certificates from web servers are validated. When CRL checking for such certificates is enabled, it could be possible for any or all of the following checks to no longer be performed:
•        Verification that the certificate has not expired
•        Verification that the server name matches the name on the certificate
•        Verification that the issuer of the certificate is trusted

Vulnerabilities in Web browsers take many forms.
The vulnerabilities can be categorized into multiple classes including
Web page spoofing,
ActiveX control vulnerabilities,
Active scripting vulnerabilities,
MIME-type and content-type misinterpretation
Buffer overflows.

The consequences may include disclosure of cookies, local files or data, execution of local programs, download and execution of arbitrary code or complete takeover of the vulnerable system. To give some definition to their classes and add examples, the following general explanations with footnote references will followup on my consequitive blog postings.

Any Browser Faces Vulnerability

If you don’t visit hacker sites, is there a threat?

The answer is, sadly, yes in more instances then you might expect. This article focuses on Internet Explorer, but most of what is presented is true for any Web browser currently available. To start, let’s look at what it means to be a browser. Most people will answer with the most popular function, which is to transform the Hyper-Text Markup Language (HTML) into a viewable Web page. In the case of Internet Explorer, the browser can also interpret Java, ActiveX, JavaScript/JScript, VBScript, XML, XLST, and several other languages. Depending on the language, they may be compiled by the browser locally on the PC. The browser can launch almost any application, including media players and mail clients. Internet Explorer is designed with the Microsoft Container-Object model, enabling you to view Word, Excel, and many other documents from within the IE container. The browser code overlaps with Windows’ Explorer to access files on the Internet, in your network, and in your local file system. The browser can both send and receive files from the Internet. In addition, programs such as Outlook, Outlook Express, AOL, and MSN use the browser’s internal engine to render HTML formatted email. The browser can use active content to have bi-directional communication between third party software and itself. Once you realize the full power of the browser, it becomes more apparent why it is such a targeted piece of software – it is the next best thing to hacking the OS itself!

The rate at which vulnerabilities are posted makes it very difficult for administrators and the general public to keep the browser patched at all times.

                 Well every individual once he or she starts seeing some quick bucks they start looking for a wealthy lifestyle they begin to think more than what they could and so comes into picture who none other than the banks.

                                                                                                                 Every individual has high dreams of pursuing his or her higher studies in countries like USA,Canada,Australia,New Zealand,Singapore,but what takes it most of them to reach their dreams is money and hardwork but not both for many.The one who has money would not have to wait for anything other than just take up preliminary tests and get ready to fly.