mailing list archives
Re: Official IFRAME patch - make sure it installs correctly
From: Raoul Nakhmanson-Kulish <raoul () elforsoft com>
Date: Thu, 02 Dec 2004 19:57:39 +0300
Hello, Berend-Jan Wever!
The IFRAME vulnerability has been patched, see
Oh! Thanks, God!
Good that nobody has hit upon an idea until now about exploiting this to
launch self-spreading mail virus without user interaction by putting
iframe into HTML message body: this hole is exploitable even in
restricted zone and millions of OE and Outlook lemmings would be doomed.
Such thought visited me nearly right away when I had known this issue.
Elfor Soft Ltd.,
Full-Disclosure - We believe in it.