BugTraq
Concurrency strikes MSIE (potentially exploitable msxml3 flaws) Jan 04 2007 10:22PM
Michal Zalewski (lcamtuf dione ids pl) (1 replies)
RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Jan 04 2007 10:36PM
Larry Seltzer (Larry larryseltzer com) (1 replies)
RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Jan 04 2007 10:51PM
Michal Zalewski (lcamtuf dione ids pl)
On Thu, 4 Jan 2007, Larry Seltzer wrote:

> I hope you're still not angry!

It took months of therapy, but I recovered ;)

> I just tried your demo on IE7. It took a while longer but does seem to
> have locked up. Were you looking at IE6 or IE7, and is the behavior any
> different?

I tested several installations of IE6, but I wouldn't expect there to be
differences (the flaw directly affects a XML rendering library that is
probably identical for both versions).

/mz

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus