Full Disclosure: Re: Month of ActiveX Bug

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Month of ActiveX Bug

From: bugtraq () cgisecurity net
Date: Tue, 1 May 2007 11:47:35 -0400 (EDT)

http://moaxb.blogspot.com/=20

=20
Wow, a DoS in a 3rd-party Poiwerpoint viewer. This ought to bring the
Internet to its knees. I wonder if he'll have any actual ActiveX bugs=
 or
if they'll just be DoS's in controls.


Consider that most often a bug filed as DOS can actually
be exploitable, but the person who discovered it can't get the POC working or is even aware it is. While command 
execution is the ideal goal it doesn't
mean other types of issues are *completely* worthless.  

- Robert
http://www.cgisecurity.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Month of ActiveX Bug xxx xxx (May 01)
- Re: Month of ActiveX Bug Larry Seltzer (May 01)
  - Re: Month of ActiveX Bug bugtraq (May 01)
    - Re: Month of ActiveX Bug Larry Seltzer (May 01)
    - Re: Month of ActiveX Bug Valdis . Kletnieks (May 01)
    - Re: Month of ActiveX Bug Larry Seltzer (May 01)
    - Re: Month of ActiveX Bug bugtraq (May 01)
    - Re: Month of ActiveX Bug Steven Adair (May 01)