Network Security: Detailed info on RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability

from [Michal Zalewski] Network Security

[Permanent Link]

Subject:	RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
Date:	Thu, 27 Apr 2006 14:57:19 +0200 (CEST)

On Thu, 27 Apr 2006, Larry Seltzer wrote:

More on this in my column later this morning at
http://security.eweek.com/


  "Just who does he think he is? [...] Zalewski may think he's some sort
  of hero disclosing this information, but his is the act of a vandal. If
  it turns out that the bug is exploitable and abused before it's patched,
  then perhaps he'll be proud to be remembered for that."

Ho boy. Yup. Now that you foiled that plan, at least I can be proud of
being featured in your op-ed as an egomaniac bent on hurting people by
providing them with information. That's almost as good.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, (continued) Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, bruen Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski Re[2]: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Thierry Zoller Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Morning Wood Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Randal T. Rioux Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Javor Ninov RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, bruen RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski <= RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Pedro Hugo Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, str0ke Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, poo Re[2]: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Thierry Zoller RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Tim Bilbro RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Brian Eaton Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Peter Besenbruch RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Chris Eagle

Previous by Date:	[Full-disclosure] PoC for Internet Explorer Modal Dialog Issue, Matthew Murphy
Next by Date:	RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Pedro Hugo
Previous by Thread:	RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski
Next by Thread:	RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Pedro Hugo
Indexes:	[Date] [Thread] [Top] [All Lists]