Fw: [Full-Disclosure] Windows Mediaplayer separate vulnerability?
http-equiv@excite.com
1 at malware.com
Thu Oct 9 20:00:22 BST 2003
<!--
Finally, SecurityFocus links this issue to an issue [5]
reported by http-equiv back in july in BID8263 [6]. Although
SecurityFocus does admit there is very little info at
the moment on which to base this.
-->
It fixes the following which now gives an 'access denied' to
html+time [the DHTML aspect they are referring to] in the restricted
zone in Outlook Express:
http://cert.uni-stuttgart.de/archive/ntbugtraq/2003/05/msg00046.html
and supposedly this, which allows redirecting from the internet to
the local zone 'my computer' which can lead to compromise:
http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00297.html
But there always seems to be more where that came from :(
--
http://www.malware.com
Full-Disclosure is hosted and sponsored by Secunia.