Full Disclosure mailing list archives
Re: MS04-004??
From: Paul Tinsley <pdt () jackhammer org>
Date: Tue, 03 Feb 2004 09:19:19 -0600
It would seem I was actually quite wrong; it doesn't just fix the URL spoofing problem, which is actually %01 not %00, duh. Anyway... The fixes in MS04-004 are very similar to MS03-048 (so similar they copied and pasted most of the bulletin), BUT they are new vulnerabilities with the same end state: remote code execution. Further adding to the reasoning for an out of cycle release. I personally think they should make this more clear; looking at MS03-048 and MS04-004 side by side makes you think they just kept the rollup verbiage and added the URL fix.
See CVE for more info:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1027

David Vincent wrote:
They finally have a fix for the url spoofing problem (%00) and updated a previous IE roll up to cover it. I have seen reference to this bug being used in the wild already, which meets Microsoft's out of cycle release criteria.

it also seems to have fixed the damn annoying scrolling bug.

-d
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MS04-004?? Mike Wronski (Feb 02)
- Re: MS04-004?? Paul Tinsley (Feb 02)
- <Possible follow-ups>
- RE: MS04-004?? David Vincent (Feb 02)
- Re: MS04-004?? Paul Tinsley (Feb 03)