| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: msaqibilyas at myrealbox.com (M Saqib Ilyas) Subject: RE: Internet explorer 6 on windows XP allows exection of arbitrary code ( and opera and Mozilla too) Dear all, Chopping off the long thread and leaving a few lines for reference. If one switches on a Windows box from IE to Mozilla or some other for browsing the web, still the IE control would be everywher in your UI, My Computer, Network Neighborhood etc. Granted, you would be safe from attacks being launched through web pages attempting to execute arbitrary or malicious code, but if M$ implements some kind of preview mechanism, or mistakenly I open a page in IE due to incorrect default association, arent there still chances of the same vulnerability coming back to haunt me? Granted, the chances will be less, but IE has sunk its nails into the UI. Isnt that true? Regards Saqib ----- Original Message ----- From: "Drew Copley" <dcopley@...e.com> To: <full-disclosure@...ts.netsys.com> Sent: Saturday, September 13, 2003 2:53 AM Subject: [Full-Disclosure] RE: Internet explorer 6 on windows XP allows exection of arbitrary code ( and opera and Mozilla too) > > serious ? these if I understand correctly merely crash your > > browser nothing perticularly serious about that. > > > > Granted no browser will be without flaws so there is > > probably heaps of stuff to be found in mozilla aswell, but > > remote code execution?? I dont believe there has been a > > single flaw in netscape or mozilla that allowed you to > > execute code simply by putting together some javascript (you > > can correct me on this) even when it was the dominant browser
Powered by blists - more mailing lists