Full Disclosure mailing list archives
Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
From: M.B.Jr. <marcio.barbado () gmail com>
Date: Thu, 17 Jan 2008 18:33:08 -0200
Guess Fredrick's sarcastic and cynical suggestion is: xss-like menaces seems as unstoppable as this web-slavery the industry imposes. Well, if so, I agree. On 1/17/08, BlackHawk <hawkgotyou () gmail com> wrote:
====== 4) Fix ======Notepad should be rewritten to filter potentially dangerous characters. Characters can be converted to their html encoded equivalents.translated: you CAN'T write pages in HTML with any program..Fredrick Diggle Security Services is probably the best application security researchers on the scene this month. They have identified several hundred thousand vulnerabilities this week[..]i think you must read this: http://www.amazon.com/PCs-Dummies-Quick-Reference-Gookin/dp/0764507222 -- Best regards, BlackHawk mailto:hawkgotyou () gmail com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- Marcio Barbado, Jr. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Fredrick Diggle (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Nate McFeters (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability T Biehn (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability M . B . Jr . (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability str0ke (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability worried security (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Sascha Roeske (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Fredrick Diggle (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability BlackHawk (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability M . B . Jr . (Jan 17)
- Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability Nate McFeters (Jan 17)