[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

To: secn3t@xxxxxxxxx
Subject: Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Sat, 11 Jun 2011 21:18:53 -0400

On Sat, Jun 11, 2011 at 9:06 PM, -= Glowing Doom =- <secn3t@xxxxxxxxx> wrote:

> It is now, over 1yr old atleast and exists in riched20.dll.
> This PoC info is over for me also.
Microsoft had problems with a backspace in the past. Search for "CSRSS
Backspace Bug".

> [SNIP

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...
  - From: Christian Sciberras

References: