| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed May 10 01:01:13 2006 From: 0x80 at hush.ai (0x80@...h.ai) Subject: IE7 Zero Day But not a big enough threat to outbid the highest bidder who incidentally will be recieing full PoC by morning. On Mon, 08 May 2006 18:04:02 -0700 n3td3v <n3td3v@...il.com> wrote: >On 5/8/06, 0x80@...h.ai <0x80@...h.ai> wrote: >> There is no skin to save. No law is being broken and I am not >> holding anyone ransom. >> >> Microsoft is not the only vendor that can fix this bug either, >it >> would be easy to patch the DLLs involved. >> >> No one is monitoring anything because I have not broken any laws >in >> any country. You reply simply dances around the issue because >as >> usual, you have zero idea what you are talking about. > >Symantec see you as threat: > >" > >ThreatCon Level is 1 > >A researcher has made a post to the Full-Disclosure mailing list >claiming that he has discovered two unknown and unpatched >vulnerabilities in Microsoft Internet Explorer 7, which is >currently >in beta. He also states that at least one of the issues is present >in >Microsoft Internet Explorer version 6.x, but circumstances unknown >to >the researcher prevent him from being able to successfully exploit >it. >The discoverer of these issues has stated that they will be >privately >sold to the highest bidder. Internet Explorer 7 is beta software, >and >as such, should not be used on sensitive systems. Though the >possibility of exploitation against version 6.x may exist, it >should >always be assumed that there may be latent vulnerabilities in >client >software. Users are advised to employ best practices such as >avoiding >untrusted websites, links from untrusted sources, and running such >software with the least possible privileges. > > >" >http://www.symantec.com/avcenter/threatcon/learnabout.html > >Regards, > >n3td3v > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485
Powered by blists - more mailing lists