Full Disclosure mailing list archives

Re: MS04-004??


From: Paul Tinsley <pdt () jackhammer org>
Date: Tue, 03 Feb 2004 09:19:19 -0600

It would seem I was actually quite wrong, it doesn't just fix the URL spoofing problem which is actually %01 not %00, duh. Anyway... The fixes in MS04-004 are very similar to MS03-048 (so similar they copied and pasted most of the bulletin), BUT they are new vulnerabilities with the same end state: remote code execution. Further adding to the reasoning for an out of cycle release. I personally think they should make this more clear, looking at MS03-048 and MS04-004 side by side makes you think they just kept the rollup verbiage and added the URL fix.

See CVE for more info:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1027

David Vincent wrote:

They finally have a fix for the url spoofing problem (%00) and updated a previous IE roll up to cover it. I have seen reference to this bug being used in the wild already, which meets Microsoft's out of cycle release criteria.

it also seems to have fixed the damn annoying scrolling bug.

-d

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

