Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

0day IE9/10 information disclosure vulnerability
From: yuange <yuange1975 () hotmail com>
Date: Mon, 29 Jul 2013 07:22:18 +0000


#0day IE9/10 information disclosure vulnerability http://t.cn/zQJYHgA  .Technical challenge how to write exploit code?
漏洞报告已经说得很明白,指出问题代码,怎么定位代码。鉴于微软一次次的纠缠于需要提供POC,那就让大家来写POC吧,写好记得发一份给微软。 :)
https://twitter.com/yuange75  我的观点:
#antiNSA 
现在APT的大环境下,POC代码、EXP利用技术都是宝贵资源,不想因为中间环节被控制或者SNIFFER而丢失这些宝贵资源,现在坚定报告漏洞不提供POC和EXP,除非有偿的漏洞报告。反汇编指出问题代码点,对于漏洞修补已经提供了足够的重要信息了,要想POC自己分析。

                                          
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • 0day IE9/10 information disclosure vulnerability yuange (Jul 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]