lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: editor at infoguerra.com.br (Giordani Rodrigues)
Subject: Outlook Express Remote Code Execution in Preview Pane (S/MIME)

Same thing here. However, I suppose this is only a wrong message. The
correct message should be "You don't need to install this patch", or
something like this.

Take a look at what MS says:

http://www.microsoft.com/technet/security/bulletin/ms02-058.asp :

"Additional information about this patch
(...)
The fix for this issue is included in Outlook Express 6.0 Service Pack 1
(which is available in Internet Explorer 6.0 Service Pack 1 or as part of
Windows XP Service Pack 1)."


Regards,

Giordani Rodrigues.


----- Original Message -----
From: "HggdH" <hggdh@...bi.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, October 10, 2002 8:41 PM
Subject: Fw: [Full-Disclosure] Outlook Express Remote Code Execution in
Preview Pane (S/MIME)


> I went ahead, and downloaded and applied the patch to one of my systems..
>
> This system is a Windows 2000 SP3 + all sec patches to dsate,  IE6 SP1
> V6.0.2800.1106, OE6 V6.0.2800.1106.
>
> To my surprise, the patch refused to install, telling me "This update
> requires Internet Explorer 6.0 to be installed.".
>
> So. Is Outlook Express V6 (as of MS Internet Explorer V6 SP1) vulnerable
or
> not?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>


Powered by blists - more mailing lists