[Full-Disclosure] MS04-004??

Paul Tinsley pdt at jackhammer.org
Tue Feb 3 15:19:19 GMT 2004


It would seem I was actually quite wrong; it doesn't just fix the URL 
spoofing problem, which is actually %01 not %00, duh.  Anyway...  The 
fixes in MS04-004 are very similar to MS03-048 (so similar they copied and 
pasted most of the bulletin), BUT they are new vulnerabilities with the 
same end state: remote code execution.  Further adding to the reasoning 
for an out-of-cycle release.  I personally think they should make this 
more clear; looking at MS03-048 and MS04-004 side by side makes you 
think they just kept the rollup verbiage and added the URL fix.

See CVE for more info:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1027

David Vincent wrote:

>>They finally have a fix for the url spoofing problem (%00) and updated a 
>>previous IE roll up to cover it.  I have seen reference to this bug 
>>being used in the wild already, which meets Microsoft's out of cycle 
>>release criteria.
>
>it also seems to have fixed the damn annoying scrolling bug.
>
>-d
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html




Full-Disclosure is hosted and sponsored by Secunia.