Full Disclosure mailing list archives
RE: MSIE (mshtml.dll) OBJECT tag vulnerability
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Thu, 27 Apr 2006 08:33:00 +0200 (CEST)
On Wed, 26 Apr 2006, Larry Seltzer wrote:
It wasn't my analogy. I was criticizing it.
Larry, Sorry if I criticized you undeservedly, then. That exchange of mails was unclear at best, however. In this particular branch of this (silly) thread: 1) Tim Bilbro blasted me for disclosing a problem and compared this to checking at night for open store doors. 2) Bob replied and criticized Tim saying that the analogy is flawed, and that it can be compared, at best, to informing the public about car manufacturing faults and recalls. 3) You replied to Bob's (not Tim's!) mail and said that "it's a lousy analogy" and mentioned "exploiting flaws to drive it off" in a way that can be, at best, read in a couple of ways. It was only fair to assume that you meant to blast a (generally favorable) analogy brought up by Bob. If that wasn't your intention, OK, but it wasn't nearly as obvious as you'd probably want it to be.
I'll assume you're as proficient in english as in morals
Uh-oh. /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- MSIE (mshtml.dll) OBJECT tag vulnerability, (continued)
- MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Morning Wood (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Randal T. Rioux (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability str0ke (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability poo (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 27)
- MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Brian Eaton (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Peter Besenbruch (Apr 28)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)