[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Dull-Disclosure
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: [Full-Disclosure] Dull-Disclosure
- From: "Curt Purdy" <purdy@xxxxxxxxxx>
- Date: Mon, 14 Jun 2004 17:30:51 -0500
You think infosec.volubis.com was dissing us? BTW, haven't gotten spyware
one since switching to FireFox 6 months ago. And the extensions rock!
Quote:
Detailed information on a brace of unpatched vulnerabilities in Internet
Explorer has been posted onto a dull disclosure mailing list. The flaws
involve a cross-zone scripting vuln and a bug in IE's Local Resource Access
and pose an "extremely critical" risk to Windows users, according to
security firm Secunia. The vulnerabilities affect both Internet Explorer 6
and Outlook.
The vulnerabilities are actively being exploited in the wild to install
adware on users' systems, security researchers warn. Other exploits -
include computer viruses - based on the same techniques of tricking users
into visiting a maliciously constructed website housing malign script could
follow.
Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions
----------------------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html