Re: [Full-Disclosure] MSIE src&name property disclosure

[Dave Aitel <dave@xxxxxxxxxxxxxxx>]

That's a good question for your Microsoft sales rep. If you want 
technical details, Immunity has a working and reliable Wins exploit in 
the Vulnerability Sharing Club version of CANVAS. I think there's an 
interesting difference between how the Linux community handled the 
recent kernel bugs, and how Microsoft and other commercial vendors 
handle all bugs.

Dave Aitel
Immunity, Inc.

joe wrote:

> How is it an example?
>
> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Dave Aitel
> Sent: Monday, November 08, 2004 9:49 AM
> To: Michal Zalewski
> Cc: Berend-Jan Wever; full-disclosure@xxxxxxxxxxxxxxxx;
> bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-Disclosure] MSIE src&name property disclosure
>
> <SNIP>
> WINS is a classic example.
> <SNIP>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>  

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html