Re[2]: [ALERT] Remote File Execution By Web or Mail: Internet Explorer

From: Mariusz Mazur (mariuszat_private)
Date: Fri Nov 23 2001 - 07:59:14 PST

Next message: vuln-dev: "Revised Advisory on Hewlett Packard Issue"

Previous message: Ron DuFresne: "Re: [NetGuard Security] NSI Rwhoisd another Remote Format String Vulnerability"
In reply to: Bill Weiss: "Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"
Next in thread: Ben Smee: "RE: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2001-11-23 Bill Weiss wrote the folowyng:

BW> I think the point was to show us that the MS policy is stupid.  There's a
BW> hole, obviously it can be found, but MS doesn't want us to know about
BW> it.

Now I'm completely messed up. So is this just a hoax, a proof of concept
(concept=non disclosure really sux), or a real bug?

Could anybody confirm this (preferably the guy who sent it)?



-- 
Mariusz Mazur
"One Ring to bring them all and in the darkness bind them"
rem begin  JenniferLopez_Naked.jpg.vbs :)

Next message: vuln-dev: "Revised Advisory on Hewlett Packard Issue"
Previous message: Ron DuFresne: "Re: [NetGuard Security] NSI Rwhoisd another Remote Format String Vulnerability"
In reply to: Bill Weiss: "Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"
Next in thread: Ben Smee: "RE: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 18:24:28 PST