|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws)
From: Michal Zalewski (lcamtuf
dione.ids.pl)
Date: Thu Jan 04 2007 - 16:51:30 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 4 Jan 2007, Larry Seltzer wrote:
> I hope you're still not angry!
It took months of therapy, but I recovered ;)
> I just tried your demo on IE7. It took a while longer but does seem to
> have locked up. Were you looking at IE6 or IE7, and is the behavior any
> different?
I tested several installations of IE6, but I wouldn't expect there to be
differences (the flaw directly affects a XML rendering library that is
probably identical for both versions).
/mz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]