This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by triggering a race condition in the way IE handles the call to Window function inside a javascript Onload event. When Outlook Express is used as mail user agent, Internet Explorer can be exploited through sending the target an e-mail that contains a link to the specially designed HTML page that triggers the attack. This exploit relies in a vulnerability that allows attackers to cause Internet Explorer to execute arbitrary code via a Javascript Onload event that calls the window() function.
CVE Link
Exploit Platform
Exploit Type
Product Name