Home page logo

bugtraq logo Bugtraq mailing list archives

RE: Vulnerable cached objects in IE (9 advisories in 1)
From: Thor Larholm <Thor () jubii dk>
Date: Wed, 23 Oct 2002 11:13:57 +0200

From: jelmer [mailto:jkuperus () xs4all nl]
The external method flaw also seems to affects my ie6 sp1 browser

I can confirm this as well, together with the clipboardData method flaw.

It's a surprise that Microsoft didn't fix this globally in SP1, instead of
applying checks to each individual method and object. At first, I assumed
they had made a generic fix, but with this in the open it is clear that they
only patched specifics and that there will be many more vulnerabilities in
the method/object caching category.

Thor Larholm

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]