[413] in Best-of-Security
BoS: Re[2]: Stealing data via Internet Explorer 4 (fwd)
daemon@ATHENA.MIT.EDU (Rafi Sadowsky)
Tue Oct 21 21:39:09 1997
Old-X-Envelope-From: rafi@tavor.openu.ac.il Mon Oct 20 03:23:21 1997
Date: Sun, 19 Oct 1997 19:21:07 +0200 (IST)
From: Rafi Sadowsky <rafi@tavor.openu.ac.il>
Cc: Best Of Security List <best-of-security@suburbia.net>
Old-X-Originally-To: To: Israeli CERT List <CERT-L@taunivm.tau.ac.il>
Old-X-Originated-From: From: Rafi Sadowsky <rafi@tavor.openu.ac.il>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
---------- Forwarded message ----------
Date: Sun, 19 Oct 1997 17:40:17 +0200
From: Martin Sauer <ms@skp.de>
To: acr@als.co.uk
Cc: Martin Sauer <ms@majestix.skp.de>, Firewalls@GreatCircle.COM
Subject: Re[2]: Stealing data via Internet Explorer 4
> Last time I checked the exploit could only retrieve text, html and
> graphics files.
Right. As I learned of that bug, I did not learn from their press
release, that it is only (!) html, txt and graphics. At that point we
were just evaluating the bug.
For proper understanding a link to Microsoft:
http://www.microsoft.com/ie/security/?/ie/security/freiburg.htm
Sincerly,
ms
---
Martin Sauer
Sauer & Partner
Gesellschaft für Netzwerktechnologie und Sicherheit mbH
Dietrich-Bonhoeffer-Straße 1-3, 35037 Marburg, Germany
fon: +49 6421 9383 80, fax: +49 6421 938390, URL: http://www.skp.de
