[Full-disclosure] IE7 Zero Day
duckhacks at gmail.com
Tue May 9 17:49:32 BST 2006
That made my day...
On 5/8/06, n3td3v <n3td3v at gmail.com> wrote:
> >Symantec see you as threat:
> >ThreatCon Level is 1
> >A researcher has made a post to the Full-Disclosure mailing list
> >claiming that he has discovered two unknown and unpatched
> >vulnerabilities in Microsoft Internet Explorer 7, which is currently
> >in beta. He also states that at least one of the issues is present in
> >Microsoft Internet Explorer version 6.x, but circumstances unknown to
> >the researcher prevent him from being able to successfully exploit it.
> >The discoverer of these issues has stated that they will be privately
> >sold to the highest bidder. Internet Explorer 7 is beta software, and
> >as such, should not be used on sensitive systems. Though the
> >possibility of exploitation against version 6.x may exist, it should
> >always be assumed that there may be latent vulnerabilities in client
> >software. Users are advised to employ best practices such as avoiding
> >untrusted websites, links from untrusted sources, and running such
> >software with the least possible privileges.
-------------- next part --------------
An HTML attachment was scrubbed...
Full-Disclosure is hosted and sponsored by Secunia.