Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Zero-day IE exploit
Peter Laborge, 2005-11-22
Comments Mode:
Zero-day IE exploit 2005-11-22
Don Parker (1 replies)
Re: Zero-day IE exploit 2005-11-23
Dbtech
Zero-day IE exploit 2005-11-23
auris
Zero-day IE exploit 2005-11-23
Jerry M. Gartner
Zero-day IE exploit 2005-11-23
Bob (1 replies)
Re: Zero-day IE exploit 2005-11-23
Jason (1 replies)
Re: Zero-day IE exploit 2005-11-23
Anonymous (1 replies)
Re: Re: Zero-day IE exploit 2005-12-02
Anonymous
Yet another reason to switch to FireFox 2005-11-23
Mike (1 replies)
Re: Yet another reason to switch to FireFox 2005-11-25
Anonymous
Zero-day IE exploit - it doesn't work for me 2005-11-25
Morc (1 replies)
Re: Zero-day IE exploit - it doesn't work for me 2005-12-14
Anonymous
Not wanting to downplay the seriousness, but I wouldn't call it zero day 2005-11-29
Roger
Zero-day? 2005-11-29
Anonous (1 replies)
Re: Zero-day? 2005-12-02
Anonymous
Putting users at risk 2005-12-14
Anonymous
The vulnerability is what puts users at risk. The reporting reduces that risk. The fact that it wasn't 'responsibly disclosed' just means the risk wasn't reduced as much.

I HATE that these huge companies with massive budgets get so much free research and code review. They don't deserve it.

These 'researchers' put a lot of time and effort into finding vulnerabilities and (in my opinion) should NOT be required to notify the sloppy developer first.

Maybe if the developers knew they aren't going to get advance notice (for free, no less) they would be more careful in the first place.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/58/295#295




 

Privacy Statement
Copyright 2009, SecurityFocus