Is this for real? If so, this is a huge scandal imho. Such a simple error for a Facebook developer to make. On 27 Oct 2011 13:53, "Nathan Power" <[email protected]> wrote:
> > --------------------------------------------------------------------------------- > 1. Summary: > > When using the Facebook 'Messages' tab, there is a feature to attach a > file. > Using this feature normally, the site won't allow a user to attach an > executable file. > A bug was discovered to subvert this security mechanisms. Note, you do NOT > have > to be friends with the user to send them a message with an attachment. > > > --------------------------------------------------------------------------------- > > Read the rest of this advisory here: > > http://www.securitypentest.com/2011/10/facebook-attach-exe-vulnerability.html > > > Enjoy :) > > > Nathan Power > www.securitypentest.com > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
