lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200410201943.16895.fulldisc@ultratux.org>
From: fulldisc at ultratux.org (Maarten)
Subject: RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2

On Wednesday 20 October 2004 17:07, Thor Larholm wrote:
> I successfully reproduced this exploit on a fully patched XPSP2
> installation and can verify that malware.htm is planted locally after
> which HTML Help is used to launch it and circumvent the XPSP2 browser
> security improvements, compromising the system.
>
> However, this exploit did not work on any systems with Qwik-Fix Pro
> installed, from Windows 95 to Windows XP Service Pack 2. A free Home
> edition and a trial Corporate edition is available for download at
>
> http://www.pivx.com/qwikfixDownload.asp

No it is not, at least not before you fix your broken downloadform.  Hitting 
submit does nothing at all.  (You're not seriously telling us that you need 
MSIE to download qwikfix, or do you ?!)  

a disappointed potential customer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ