[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: re: [Full-disclosure] 0-day for sale on ebay

To: full-disclosure@xxxxxxxxxxxxxxxxx, security curmudgeon <jericho@xxxxxxxxxxxxx>
Subject: Re: re: [Full-disclosure] 0-day for sale on ebay
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Sat, 10 Dec 2005 02:30:24 +0200 (EET)

Btw, when checked the price was $64 and then at 9AM Finnish-time it was gone.

But anyway, your screenshot with 'bid $0.01' is cool in a certain way.. We have the fact that the recent CVSS Severity is 2.8 and it was researched on Dec. 6th, we can just wait the fix now.

- Juha-Matti

: They have even assigned a CVE entry for this: : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4131 : : Some interesting references with a screenshot included too.
Microsoft has verified the bug is legitimate though:
http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614
heBay Pulls Bidding for MS Excel Vulnerability
By Ryan Naraine
December 9, 2005
Whats the retail value of a security vulnerability in Microsoft Corp.s Excel spreadsheet program? At last check: $53 and counting.

.......

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] PowerTerm
Next by Date: Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Previous by thread: Re: [Full-disclosure] 0-day for sale on ebay
Next by thread: [Full-disclosure] MDKSA-2005:224 - Updated curl package fixes format string vulnerability
Index(es):
- Date
- Thread