[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: Yet another IE aperture

To: guninski@xxxxxxxxxxxx
Subject: [Full-Disclosure] Re: Yet another IE aperture
From: Aviv Raff <avivra@xxxxxxxxx>
Date: Sat, 9 Oct 2004 13:21:00 +0200

> >By opening html in IE it is possible to read at least well formed xml from
> >arbitrary servers. The info then may be transmitted.

Can you clarify what is the security issue with reading information of
other servers from the web browser?

Am I missing the point here?

-- Aviv Raff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal.
Next by Date: Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal.
Previous by thread: Re: [Full-Disclosure] Re: Yet another IE aperture
Next by thread: [Full-Disclosure] JPEG GDI+ (MS04-028) Exploit @ http://home.zccn.net/mm2004
Index(es):
- Date
- Thread