Full Disclosure: Re: www.google.com xss vulnerability Using mhtml

Re: www.google.com xss vulnerability Using mhtml

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Fri, 28 Jan 2011 10:48:30 -0800

FYI, here's a provisional advisory from Microsoft acknowledging this issue:
http://www.microsoft.com/technet/security/advisory/2501696.mspx

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

www.google.com xss vulnerability Using mhtml IEhrepus (Jan 26)
- Re: www.google.com xss vulnerability Using mhtml Christian Sciberras (Jan 26)
- <Possible follow-ups>
- Re: www.google.com xss vulnerability Using mhtml Yigit Turgut (Jan 26)
  - Re: www.google.com xss vulnerability Using mhtml Michal Zalewski (Jan 26)
    - Re: www.google.com xss vulnerability Using mhtml IEhrepus (Jan 27)
    - Re: www.google.com xss vulnerability Using mhtml Michal Zalewski (Jan 27)
    - Re: www.google.com xss vulnerability Using mhtml Valdis . Kletnieks (Jan 27)
    - Re: www.google.com xss vulnerability Using mhtml IEhrepus (Jan 27)
    - Re: www.google.com xss vulnerability Using mhtml laurent gaffie (Jan 27)
    - Re: www.google.com xss vulnerability Using mhtml Michal Zalewski (Jan 28)
    - Re: www.google.com xss vulnerability Using mhtml IEhrepus (Jan 29)
- Re: www.google.com xss vulnerability Using mhtml Juha-Matti Laurio (Jan 30)