Full Disclosure mailing list archives
Re: MSIE (mshtml.dll) OBJECT tag vulnerability
From: Javor Ninov <drfrancky () securax org>
Date: Thu, 27 Apr 2006 10:45:12 +0300
This is Full-Disclosure if you didn't notice. I personally don't care about the vendors. I disclosure. going to check the stores can get me nothing but jail time. but if it's not prohibited by law hell i will disclosure such list. Javor Ninov aka DrFrancky http://securitydot.net/ Tim Bilbro wrote:
You do a disservice to all IT shops by announcing these vulnerabilities before contacting the vendor. I am sure it would not generate as much web traffic to your site, but it is only fair and right to allow at least some amount of time for the vendor to respond. If you think you are helping, you are wrong. Would you go around town checking which stores are unlocked at night and then publish the list in the news before letting the shop owners know? That's pretty much what you are doing. It's just not helping. There is no proof that it is either. *Tim Bilbro* Information Security Specialist CISSP, MCSE /trbilbro () verizon net/ /web: //_www.bloglines.com/blog/Bilbro_/ <file://www.bloglines.com/blog/Bilbro>// /RSS: //_www.bloglines.com/blog/Bilbro/rss_/ <file://www.bloglines.com/blog/Bilbro/rss>// ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability, (continued)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Raoul Nakhmanson-Kulish (en) (Apr 25)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 26)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability 0x80 (Apr 26)
- MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Morning Wood (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Randal T. Rioux (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability str0ke (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability poo (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)