funsec mailing list archives
First IE7 Security Flaw Found
From: "Fergie" <fergdawg () netzero net>
Date: Thu, 19 Oct 2006 15:56:05 GMT
Via Yahoo! News (PC World) and Secunia. [snip] Less than 24 hours after the launch of Internet Explorer 7, security researchers are poking holes in the new browser. Danish security company Secunia reported today that IE7 contains an information disclosure vulnerability, the same one it reported in IE6 in April. The vulnerability affects the final version of IE7 running on Windows XP with Service Pack 2. If a surfer uses IE7 to visit a maliciously crafted Web site, that site could exploit the security flaw to read information from a separate, secure site to which the surfer is logged in. That could enable an attacker to read banking details, or messages from a Web-mail account, said Thomas Kristensen, Secunia's chief technology officer. [snip] More of the article: http://news.yahoo.com/s/pcworld/20061019/tc_pcworld/127564 Secunia advisory: http://secunia.com/advisories/22477/ - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- First IE7 Security Flaw Found Fergie (Oct 19)
- Re: First IE7 Security Flaw Found Ron (Oct 19)
- RE: First IE7 Security Flaw Found Larry Seltzer (Oct 19)
- Re: First IE7 Security Flaw Found Nick FitzGerald (Oct 19)
- <Possible follow-ups>
- Re: First IE7 Security Flaw Found Juha-Matti Laurio (Oct 19)
- Re: First IE7 Security Flaw Found Juha-Matti Laurio (Oct 20)
- Re: First IE7 Security Flaw Found Ron (Oct 19)