Full Disclosure mailing list archives
Re: MSIE7 browser entrapment vulnerability (probably Firefox, too)
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 26 Feb 2007 19:11:15 +0100 (CET)
On Fri, 23 Feb 2007, Jeffrey Katz wrote:
Just checked on IE 7.0.5730.11 -- doesn't exhibit problem.
Most certainly does; you might have scripting disabled, or be experiencing some other anomaly, but for much of the population, the attack works as advertised on that version. /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- MSIE7 browser entrapment vulnerability (probably Firefox, too) Michal Zalewski (Feb 22)
- Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Michal Zalewski (Feb 23)
- Firefox: onUnload tailgating (MSIE7 entrapment bug variant) Michal Zalewski (Feb 23)
- Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Jeffrey Katz (Feb 24)
- Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Michal Zalewski (Feb 26)
- Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Matt S (Feb 26)