| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: editor at infoguerra.com.br (Giordani Rodrigues) Subject: Outlook Express Remote Code Execution in Preview Pane (S/MIME) Same thing here. However, I suppose this is only a wrong message. The correct message should be "You don't need to install this patch", or something like this. Take a look at what MS says: http://www.microsoft.com/technet/security/bulletin/ms02-058.asp : "Additional information about this patch (...) The fix for this issue is included in Outlook Express 6.0 Service Pack 1 (which is available in Internet Explorer 6.0 Service Pack 1 or as part of Windows XP Service Pack 1)." Regards, Giordani Rodrigues. ----- Original Message ----- From: "HggdH" <hggdh@...bi.com> To: <full-disclosure@...ts.netsys.com> Sent: Thursday, October 10, 2002 8:41 PM Subject: Fw: [Full-Disclosure] Outlook Express Remote Code Execution in Preview Pane (S/MIME) > I went ahead, and downloaded and applied the patch to one of my systems.. > > This system is a Windows 2000 SP3 + all sec patches to dsate, IE6 SP1 > V6.0.2800.1106, OE6 V6.0.2800.1106. > > To my surprise, the patch refused to install, telling me "This update > requires Internet Explorer 6.0 to be installed.". > > So. Is Outlook Express V6 (as of MS Internet Explorer V6 SP1) vulnerable or > not? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists