Re: [Full-disclosure] Microsoft Internet Explorer Local File Accesses Vulnerability

["Peter Dawson" <slash.pd@xxxxxxxxx>]

just asking... Is this std practice by vendor to state.... ???

"[..] we ask you respect responsible disclosure guidelines and not report
this publicly...."

/pd

On 2/19/07, Michal Zalewski <lcamtuf@xxxxxxxxxxxx> wrote:
> On Tue, 20 Feb 2007, Rajesh Sethumadhavan wrote:
>
> > Microsoft Internet Explorer is a default browser bundled with all
> > versions of Microsoft Windows operating system.
>
> Any luck with sending the data back to the attacker? SCRIPT and STYLE ones
> can be used to steal data from very specifically formatted files, but
> that's not a whole lot.
>
> /mz
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/