[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Facebook Attach EXE Vulnerability

To: Pablo Ximenes <pablo@xxxxxxxx>
Subject: Re: [Full-disclosure] Facebook Attach EXE Vulnerability
From: Peter Dawson <slash.pd@xxxxxxxxx>
Date: Fri, 28 Oct 2011 12:19:50 -0400

oh ok..i c ur point.. if they did tell him to wait and he failed their NDA..
then its an issue

/pd


On Fri, Oct 28, 2011 at 12:04 PM, Pablo Ximenes <pablo@xxxxxxxx> wrote:

>  Agreed. What I'm asking is whether Facebook did ask him to wait. Did it?
> If it did it's a whole different ball game.
>
>
> Pablo Ximenes
> http://ximen.es/
> http://twitter.com/pabloximenes
>
> Em 28/10/2011, às 13:01, Peter Dawson <slash.pd@xxxxxxxxx> escreveu:
>
>    I dont  think that he waited for vendor to confirm fix in production
> and I dont see a reason that he needs to wait . If FB did not ask him to
> refrain from disclosure.. y shld  he ?
>
> 09/30/2011 Reported Vulnerability to the Vendor
> 10/26/2011 Vendor Acknowledged Vulnerability
> 10/27/2011 Publicly Disclosed
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Facebook Attach EXE Vulnerability
  - From: Nathan Power
- Re: [Full-disclosure] Facebook Attach EXE Vulnerability
  - From: Joshua Thomas
- Re: [Full-disclosure] Facebook Attach EXE Vulnerability
  - From: Pablo Ximenes
- Re: [Full-disclosure] Facebook Attach EXE Vulnerability
  - From: Peter Dawson
- Re: [Full-disclosure] Facebook Attach EXE Vulnerability
  - From: Pablo Ximenes

Prev by Date: Re: [Full-disclosure] Facebook Attach EXE Vulnerability
Next by Date: Re: [Full-disclosure] Tor anonymizing network Compromised by French researchers
Previous by thread: Re: [Full-disclosure] Facebook Attach EXE Vulnerability
Next by thread: Re: [Full-disclosure] Facebook Attach EXE Vulnerability
Index(es):
- Date
- Thread