BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: MSIE7 browser entrapment vulnerability (probably Firefox, too) Feb 26 2007 06:11PM
Michal Zalewski (lcamtuf dione ids pl)
On Fri, 23 Feb 2007, Jeffrey Katz wrote:

> Just checked on IE 7.0.5730.11 -- doesn't exhibit problem.

Most certainly does; you might have scripting disabled, or be
experiencing some other anomaly, but for much of the population, the
attack works as advertised on that version.

/mz
...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus