Alexander Sotirov said:
Descriptions of vulnerabilities, especially ones that are found in the
wild, should include enough information to allow researchers to
uniquely identify the new vulnerability and differentiate it from all
other bugs, both known ones and 0days.
I say this periodically,
And without any reasonable technical details it is very difficult to give a
title field for the vulnerability.
Several advisories using titles like Word Unspecified Code Execution
Vulnerability or Word Code Execution Vulnerability #2, #3 are not the trend we
want.
Related to the newest Word
Juha-Matti Laurio wrote:
Related to the newest MS Word 0-day
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
US-CERT Vulnerability Note VU#166700 released today lists the following
new technical detail:
Microsoft Word fails to properly handle malformed
Juha-Matti Laurio wrote:
Related to the newest MS Word 0-day
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
US-CERT Vulnerability Note VU#166700 released today lists the
following new technical detail:
Microsoft Word fails to properly handle malformed
Try this:
http://www.milw0rm.com/sploits/12122006-djtest.doc
Related to the newest MS Word 0-day
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
US-CERT Vulnerability Note VU#166700 released today lists the following new
technical detail:
Microsoft Word fails to properly handle malformed data structures allowing