Re: [Full-Disclosure] MS04-004??
- To: David Vincent <david.vincent@mightyoaks.com>
- Subject: Re: [Full-Disclosure] MS04-004??
- From: Paul Tinsley <pdt@jackhammer.org>
- Date: Tue, 03 Feb 2004 09:19:19 -0600
It would seem I was actually quite wrong, it doesn't just fix the url
spoofing problem which is actually %01 not %00, duh. Anyway... The
fixes in MS04-004 are very similar to MS03-048 (so similar they copied and
pasted most of the bulletin), BUT they are new vulnerabilities with the
same end state: remote code execution. Further adding to the reasoning
for an out of cycle release. I personally think they should make this
more clear, looking at MS03-048 and MS04-004 side by side makes you
think they just kept the rollup verbiage and added the URL fix.
See CVE for more info:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1027
David Vincent wrote:
They finally have a fix for the url spoofing problem (%00) and updated a
previous IE roll up to cover it. I have seen reference to this bug
being used in the wild already, which meets Microsoft's out of cycle
release criteria.
it also seems to have fixed the damn annoying scrolling bug.
-d
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html