[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fw: [Full-Disclosure] Windows Mediaplayer separate vulnerability?

To: <lise_moorveld@hotmail.com>
Subject: Fw: [Full-Disclosure] Windows Mediaplayer separate vulnerability?
From: "http-equiv@excite.com" <1@malware.com>
Date: Thu, 9 Oct 2003 19:00:22 -0000


<!-- 

Finally, SecurityFocus links this issue to an issue [5] 
reported by http-equiv back in july in BID8263 [6]. Although 
SecurityFocus does admit  there is very little info at 
the moment on which to base this.

 -->

It fixes the following which now gives an 'access denied' to 
html+time [the DHTML aspect they are referring to] in the restricted 
zone in Outlook Express:

http://cert.uni-stuttgart.de/archive/ntbugtraq/2003/05/msg00046.html

and supposedly this, which allows redirecting from the internet to 
the local zone 'my computer' which can lead to compromise:

http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00297.html

But there always seems to be more where that came from :(

-- 
http://www.malware.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] a stupid bug ...that works on mozilla, opera, IE
  - From: bipin gautam <visitbipin@yahoo.com>

Prev by Date: RE: [inbox] Re: [Full-Disclosure] MS RPC remote exploit.
Next by Date: Re: [Full-Disclosure] Re: Do you really think CDs will be protected in future?
Previous by thread: [Full-Disclosure] Windows Mediaplayer separate vulnerability?
Next by thread: [Full-Disclosure] a stupid bug ...that works on mozilla, opera, IE
Index(es):
- Date
- Thread