Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to Report a Security VulnerabilitytoMicrosoft

From: Georgi Guninski <guninski () guninski com>
Date: Tue, 12 Apr 2005 23:42:41 +0300
On Mon, Apr 11, 2005 at 01:55:00PM -0400, mcbain () aol com wrote:

   They do want you to communicate with them (or vendors) in a more responsible manner but at the same time totally 
admit to their "PR issue" and how they have handled bug finders in the past and internal security in the past and are 
changing.  There email in this thread is exactly the truth as it was written.



calculate the difference in the dates:

http://www.securityfocus.com/archive/1/395563/2005-04-09/2005-04-15/0
Microsoft MSHTA Script Execution Vulnerability

iDEFENSE Security Advisory 04.12.05
www.idefense.com/application/poi/display?id=231&type=vulnerabilities
April 12, 2005


VIII. DISCLOSURE TIMELINE

11/02/2004  Initial vendor notification
11/02/2004  Initial vendor response
04/12/2005  Coordinated public disclosure


http://www.securityfocus.com/archive/1/395562/2005-04-09/2005-04-15/0
VIII. DISCLOSURE TIMELINE

10/25/2004  Initial vendor notification
10/25/2004  Initial vendor response
04/12/2005  Coordinated public disclosure


http://www.securityfocus.com/archive/1/395559/2005-04-09/2005-04-15/0
VIII. DISCLOSURE TIMELINE

11/11/2004  Initial vendor notification
11/11/2004  Initial vendor response
04/12/2005  Coordinated public disclosure


-- 
where do you want bill gates to go today?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: