[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Apple Safari ... DoS Vulnerability
- To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Apple Safari ... DoS Vulnerability
- From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
- Date: Tue, 03 Mar 2009 22:52:48 +1300
Chris Evans to me:
> So, you have injected HTML into stupid.com, and you choose to inflict
> the fury of a closing tab upon hapless visitors?
Your point?
I said nothing about how big or bad of a vulnerability it is, just that
it is one.
Are there lots and lots of trivial vulns in software?
Yes.
Do we reliably know which ones are safe to ignore?
Not if history is any vague kind of guide...
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/