|
Full Disclosure
mailing list archives
Re: Facebook Attach EXE Vulnerability
From: Peter Dawson <slash.pd () gmail com>
Date: Fri, 28 Oct 2011 12:19:50 -0400
oh ok..i c ur point.. if they did tell him to wait and he failed their NDA..
then its an issue
/pd
On Fri, Oct 28, 2011 at 12:04 PM, Pablo Ximenes <pablo () ximen es> wrote:
Agreed. What I'm asking is whether Facebook did ask him to wait. Did it?
If it did it's a whole different ball game.
Pablo Ximenes
http://ximen.es/
http://twitter.com/pabloximenes
Em 28/10/2011, às 13:01, Peter Dawson <slash.pd () gmail com> escreveu:
I dont think that he waited for vendor to confirm fix in production
and I dont see a reason that he needs to wait . If FB did not ask him to
refrain from disclosure.. y shld he ?
09/30/2011 Reported Vulnerability to the Vendor
10/26/2011 Vendor Acknowledged Vulnerability
10/27/2011 Publicly Disclosed
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
| 
