[Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution
Cael Abal
lists2 at onryou.com
Wed Feb 18 15:53:02 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
morning_wood wrote:
| "A security researcher, who only identified himself by the initials
| "gta,"posted information on the vulnerability to several security
| mailing lists."
|
| one down... how many more are out there?
|
| and 'yall thought that post was unconfirmed. muhahah
I'm the guy who called the vulnerability unconfirmed -- at the time, it
was. What's the big deal?
It's prudent to use words like 'supposedly' or 'possibily' when you're
working from second-hand information, especially from an unsigned
anonymous hushmail post like gta's. I didn't have the means nor desire
to test it at the time, so I left it at that.
To be honest, I'm a bit concerned that we've only seen one
publically-released exploit so far.
C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
iD8DBQFAM4peR2vQ2HfQHfsRAoN8AJ90nLJvPrNGzlCiDCem6CqblHNyMwCePehp
YqLZceHzvoQHF30KAwCPC5Y=
=vGdB
-----END PGP SIGNATURE-----
Full-Disclosure is hosted and sponsored by Secunia.