Matthew Flaschen schrieb:
Stefan Esser wrote:
Microsoft just sent a nonsense mail to us, claiming that we had
disclosed this already to the public and that they like getting
advance notice.
I mean, that's fair enough. I mean, nobody's personality should get in
the way of
indeed
On 2/23/07, Michal Zalewski [EMAIL PROTECTED] wrote:
On Fri, 23 Feb 2007, Stefan Esser wrote:
Proof of Concept:
The Hardened-PHP Project is not going to release a proof of concept
exploit for this vulnerability.
...because pretty much no exploit is needed. Scary. Good
On Fri, 23 Feb 2007, Stefan Esser wrote:
Proof of Concept:
The Hardened-PHP Project is not going to release a proof of concept
exploit for this vulnerability.
...because pretty much no exploit is needed. Scary. Good catch.
/mz
___
Stefan Esser wrote:
Microsoft just sent a nonsense mail to us, claiming that we had
disclosed this already to the public and that they like getting
advance notice.
I mean, that's fair enough. I mean, nobody's personality should get in
the way of fixing security vulnerabilities. Err,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: Multiple Browsers Cross Domain Charset Inheritance Vulnerability
Release Date: 2007/02/23
Last