Full Disclosure mailing list archives
RE: iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability
From: "iDefense Labs" <labs () iDefense com>
Date: Mon, 12 Jul 2004 17:24:13 -0400
Cary, The discovery date is a typo and has been corrected on our website: http://www.idefense.com/application/poi/display?id=116&type=vulnerabilit ies The corrected timeline is: 02/02/2004 Exploit discovered by iDEFENSE 03/11/2004 Initial vendor notification 03/11/2004 Initial vendor response 03/11/2004 iDEFENSE clients notified 06/07/2004 Vendor update released 07/12/2004 Public Disclosure Greg pointed out my error shortly after the advisory was sent. Regards, Michael Sutton Director, iDEFENSE Labs -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Cary Barker Sent: Monday, July 12, 2004 3:27 PM To: Full-Disclosure () lists netsys com Subject: RE: [Full-disclosure] iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability <snip> 02/02/2003 Exploit discovered by iDEFENSE 03/11/2004 Initial vendor notification <snip> Is that initial notification date a typo or did they sit on it for over a year before notifying the vendor? Cary Barker Network Security Administrator Campbell & Company, Inc. -----Original Message----- From: idlabs-advisories () idefense com [mailto:idlabs-advisories () idefense com] Sent: Monday, July 12, 2004 10:50 AM To: idlabs-advisories () idefense com Subject: [Full-disclosure] iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability <snip> ______________________________________________________________________ Campbell & Company, Inc.: The information in this e-mail may contain privileged/confidential information. If you are not the intended recipient, you must not read, use, copy or disseminate the information or take any action in reliance thereupon. If you have received this e-mail in error, please notify Campbell & Company, Inc. immediately by e-mail or telephone and delete the e-mail and any attachments from any computer. The information in this e-mail does not constitute an offer to sell or the solicitation of an offer to buy any securities in any jurisdiction or for the benefit of any person. ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability idlabs-advisories (Jul 12)
- <Possible follow-ups>
- RE: iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability Cary Barker (Jul 12)
- RE: iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability iDefense Labs (Jul 12)