lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200310091900.h99J0MLi028824@web194.megawebservers.com>
From: 1 at malware.com (http-equiv@...ite.com)
Subject: Fw: Windows Mediaplayer separate vulnerability?


<!-- 

Finally, SecurityFocus links this issue to an issue [5] 
reported by http-equiv back in july in BID8263 [6]. Although 
SecurityFocus does admit  there is very little info at 
the moment on which to base this.

 -->

It fixes the following which now gives an 'access denied' to 
html+time [the DHTML aspect they are referring to] in the restricted 
zone in Outlook Express:

http://cert.uni-stuttgart.de/archive/ntbugtraq/2003/05/msg00046.html

and supposedly this, which allows redirecting from the internet to 
the local zone 'my computer' which can lead to compromise:

http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00297.html

But there always seems to be more where that came from :(

-- 
http://www.malware.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ