| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ccee4b0a0605090949k681416e2o175d57874268f0a5@mail.gmail.com> Date: Tue May 9 17:49:42 2006 From: duckhacks at gmail.com (Ducki3) Subject: IE7 Zero Day That made my day... Duck On 5/8/06, n3td3v <n3td3v@...il.com> wrote: > > >Symantec see you as threat: > > >" > > >ThreatCon Level is 1 > > >A researcher has made a post to the Full-Disclosure mailing list > >claiming that he has discovered two unknown and unpatched > >vulnerabilities in Microsoft Internet Explorer 7, which is currently > >in beta. He also states that at least one of the issues is present in > >Microsoft Internet Explorer version 6.x, but circumstances unknown to > >the researcher prevent him from being able to successfully exploit it. > >The discoverer of these issues has stated that they will be privately > >sold to the highest bidder. Internet Explorer 7 is beta software, and > >as such, should not be used on sensitive systems. Though the > >possibility of exploitation against version 6.x may exist, it should > >always be assumed that there may be latent vulnerabilities in client > >software. Users are advised to employ best practices such as avoiding > >untrusted websites, links from untrusted sources, and running such > >software with the least possible privileges. > > > > >http://www.symantec.com/avcenter/threatcon/learnabout.html > > >Regards, > > >n3td3v > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060509/ff75cebd/attachment.html
Powered by blists - more mailing lists