> Fredrick Diggle Security Advisory > >Application: Notepad >Versions: 5.1.2600.2180 verified to be vulnerable >Platforms: Microsoft Windows (All Versions) >Bugs: Cross Site Scripting (XSS) >Severity: Critically High >Date: 17 Jan 2008 >Credit: Estr Hinan > >#######################################################################
>That’s a really funny “security risk”. I don’t agree with you, because >otherwise every editor, which is able to save HTML Files, is a security >problem. So vi, Dreamweaver, emacs… are all unsecure? It is your decision, >to open a HTML file or not. And (if here are some MS guys) please don’t fix >this “issue”, because sometimes, if you haven’t a professional tool at the >moment, the Windows editor can be useful, too. Also, if you need to edit >some small Scripts. > >Yours, >SR > Speaking of professional tools... Let's hope this was just a language translation error and not a fully understood response. Lighten up, folks. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
