lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.58.0604271448340.18805@dione>
Date: Thu Apr 27 13:57:28 2006
From: lcamtuf at dione.ids.pl (Michal Zalewski)
Subject: MSIE (mshtml.dll) OBJECT tag vulnerability

On Thu, 27 Apr 2006, Larry Seltzer wrote:

> More on this in my column later this morning at
> http://security.eweek.com/

  "Just who does he think he is? [...] Zalewski may think he's some sort
  of hero disclosing this information, but his is the act of a vandal. If
  it turns out that the bug is exploitable and abused before it's patched,
  then perhaps he'll be proud to be remembered for that."

Ho boy. Yup. Now that you foiled that plan, at least I can be proud of
being featured in your op-ed as an egomaniac bent on hurting people by
providing them with information. That's almost as good.

/mz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ