lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <001d01c5e199$9c729cd0$0400a8c0@winxp64>
Date: Fri Nov  4 23:44:15 2005
From: ad at class101.org (ad@...ss101.org)
Subject: new IE bug (confirmed on ALL windows)

MS answer:

 


You are right, we have not found any possibility for code execution. We
have confirmed that this is a null pointer dereference that only will cause
the current Internet Explorer process to exit. As such, this issue is on par
with reports we get via the Microsoft Online Crash Analysis 

 

(MOCA) system. We are therefore treating this as a stability issue along
with other such issues being reported via MOCA. You can read more about MOCA
at http://oca.microsoft.com/. A user can restart Internet Explorer and not
visit the Web site again to avoid this from happening. I have asked the
product team to consider fixing it as a stability fix in future versions of
Internet Explorer. 


 

 

-----Message d'origine-----
De : ad@...ss101.org [mailto:ad@...ss101.org] 
Envoy? : mercredi 2 novembre 2005 17:53
? : 'ad@...ss101.org'; 'Christophe Garault';
'full-disclosure@...ts.grok.org.uk'
Objet : RE: [Full-disclosure] new IE bug (confirmed on ALL windows)

 

Anyway it's clear there is a bug , forwarded this to ms and they will prolly
fix it this month, not sure but I don?t think it's a high risk so no need to
bother fd list more answering here, if you want to reach me you know my
email.. sorry for the spam all and have a nice day!

 

-----Message d'origine-----

De : ad@...ss101.org [mailto:ad@...ss101.org] 

Envoy? : mercredi 2 novembre 2005 17:40

? : 'Christophe Garault'; 'full-disclosure@...ts.grok.org.uk'

Objet : RE: [Full-disclosure] new IE bug (confirmed on ALL windows)

 

I just don't like such insisted contradiction when proof is here that?s
all...have been able to test it on 9 windows + 1 98SE and there is always
someone to put the doubt on it ... my reaction maybe suck but I thought it
was clear...........................

 

-----Message d'origine-----

De : full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] De la part de Christophe
Garault

Envoy? : mercredi 2 novembre 2005 17:34

? : full-disclosure@...ts.grok.org.uk

Objet : Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

 

ad@...ss101.org wrote :

> http://class101.org/98se.bmp

> 

> goodbye greg..

 

Dear Arnaud,

 

do you understand that by acting this way you give a really poor image of
French

people? Do you only care?

Everywhere around the world people say we're arrogant.

Now, completely ashamed, I must admit that it's probably true for part of
us.

Please try to act like if you were an adult, not like a kid living with his

parents...

 

-- 

Christophe Garault

_______________________________________________

Full-Disclosure - We believe in it.

Charter: http://lists.grok.org.uk/full-disclosure-charter.html

Hosted and sponsored by Secunia - http://secunia.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051105/361ad4cf/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ