Full Disclosure mailing list archives

Re: Yet another IE aperture

From: Aviv Raff <avivra () gmail com>
Date: Sat, 9 Oct 2004 13:21:00 +0200

By opening html in IE it is possible to read at least well formed xml from
arbitrary servers. The info then may be transmitted.


Can you clarify what is the security issue with reading information of
other servers from the web browser?

Am I missing the point here?

-- Aviv Raff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Yet another IE aperture Georgi Guninski (Oct 07)
- <Possible follow-ups>
- Re: Yet another IE aperture GreyMagic Security (Oct 08)
  - Re: Yet another IE aperture Georgi Guninski (Oct 09)
    - Re: Yet another IE aperture GreyMagic Security (Oct 09)
    - Re: Re: Yet another IE aperture Christian (Oct 10)
- Re: Yet another IE aperture Aviv Raff (Oct 09)