Is it feasible to write an effective network-only check for the latest IE6 VML vulnerability?
My response thusfar is no, primarily because I think there are many different ways one could mask traffic to exploit the vulnerability. Perhaps, more fundamental, is the nature of this vulnerability - it is higher up in the stack and thus, will require more resident or privileged means to effectively check for the vulnerability.
Thoughts?
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
