[19774] in bugtraq
Re: feeble.you!dora.exploit
daemon@ATHENA.MIT.EDU (Jeff Beckley)
Thu Mar 22 14:24:51 2001
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Message-ID: <5.1.0.12.0.20010321134858.02604c70@adept.qualcomm.com>
Date: Wed, 21 Mar 2001 13:59:34 -0800
Reply-To: Jeff Beckley <beckley@QUALCOMM.COM>
From: Jeff Beckley <beckley@QUALCOMM.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <10359935.985189714218.JavaMail.imail@slippery>
At 07:48 AM 3/21/2001 -0800, http-equiv@excite.com wrote:
>Further to all of this, we include a generic more illustrative (and user
>friendly test working example) [at the end of this batch of quotes].
>
>This defeats the so-called "Allow executables in HTML content" being
>disabled.
This inline scripting hole has been fixed in Eudora 5.1. A beta of 5.1 can
be found at <http://www.eudora.com/betas/>. The final release of 5.1 will
be out very soon.
