Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer

From: Mariusz Mazur <mariusz () isn pl>
Date: Thu, 22 Nov 2001 20:09:46 +0100
On 2001-11-21 hush.little.baby () hushmail com wrote the folowyng:

[moderator: since this will probably cause many people to start the nda
vs full disclosure debate so I guess you won't let it trough. So if you
don't, it would be nice to give a tip to the list.]


Ok... So we know that there is a bug... It's a critical one, ppl can
"turn it off" by editing something in the registry and Microsoft is
working hard to fix it. Oh... and we know that for the next 60 days some
people can cause some damage to me and I have no way to protect myself.

Is this just me or maybe more people think that releasing this
"advisory" (though this should be called "intimidator") was completely
irresponsible and plain stupid?


hlbhc> -----BEGIN PGP SIGNED MESSAGE-----

hlbhc> NOMEN NESCIO SECURITY ALERT #9000989 666

hlbhc> Topic: Remote File Execution By Web or Mail: Internet Explorer

hlbhc> Severity: Critical

hlbhc> Datum: 2001-11-21

---snip---



-- 
Mariusz Mazur
"One Ring to bring them all and in the darkness bind them"
rem begin  JenniferLopez_Naked.jpg.vbs :)
Previous By Date Next
Previous By Thread Next

Current thread: