<!--
Finally, SecurityFocus links this issue to an issue [5] reported by http-equiv back in july in BID8263 [6]. Although SecurityFocus does admit there is very little info at the moment on which to base this. --> It fixes the following which now gives an 'access denied' to html+time [the DHTML aspect they are referring to] in the restricted zone in Outlook Express: http://cert.uni-stuttgart.de/archive/ntbugtraq/2003/05/msg00046.html and supposedly this, which allows redirecting from the internet to the local zone 'my computer' which can lead to compromise: http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00297.html But there always seems to be more where that came from :( -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
