Full Disclosure mailing list archives
Re: [SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released)
From: Security Explorations <contact () security-explorations com>
Date: Thu, 28 Jun 2012 11:44:28 +0200
On 2012-06-26 23:00, Ramo wrote:
The more surprising it is to see a vendor's response downplaying the importance of the issue found in its code that can actually contribute to the full blown attack against the users of its software.This is apple you're talking about, are you really that surprised?
The answer is "yes" and "no": - Yes - because, that kind of attitude coming from a big software vendor with a large users base seems to be rare these days. Also, in the past we haven't experienced any issues with the company. - No - because we are aware that different vendors may act differently in response to the information received about security flaws in their products. That's one of the reasons behind our disclosure policy, vendors status and legal threats pages. Thank you. Best Regards, Adam Gowdiak --------------------------------------------- Security Explorations http://www.security-explorations.com "We bring security research to the new level" --------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released) Security Explorations (Jun 25)
- Re: [SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released) Ramo (Jun 27)
- Re: [SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released) Security Explorations (Jun 28)
- Re: [SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released) Ramo (Jun 27)