The grand-son of Cuartango Hole

From: aleph1at_private
Date: Wed Dec 23 1998 - 20:09:05 PST

Next message: Casper Dik: "Re: Nmap network auditing/exploring tool V. 2.00 released"

Previous message: David Schwartz: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ladies and Gentlemen,
Yesterday I reported to Microsoft the "Grand-Son of Cuartango hole". Still the same "USP" problem existing in the "Cuartango Hole" and the "Son of Cuartago Hole" : Your computer files can be stolen by a malicious script. 
MS has fixed it inmediately with the "Frame Spoof Fix" :
http://www.microsoft.com/windows/ie/security/spoof.asp
You will find  a technical description and a real demo in the page below :
http://pages.whowhere.com/computers/cuartangojc/gson2.html
Have a merry Christmas and a happy new year
Regards,
Juan Carlos G. Cuartango

Next message: Casper Dik: "Re: Nmap network auditing/exploring tool V. 2.00 released"
Previous message: David Schwartz: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:07 PDT