[23099] in bugtraq
Re: Microsoft Security Bulletin MS01-055
daemon@ATHENA.MIT.EDU (CDE Francis)
Fri Nov 9 19:13:07 2001
Date: Fri, 09 Nov 2001 15:58:34 -0500
From: CDE Francis <fuy@jhu.edu>
In-reply-to:
<2E08A46FF518C9418713A1B2C780684D103D2E@red-msg-20.redmond.corp.microsoft.com>
To: Microsoft Product Security <secnotif@MICROSOFT.COM>
Cc: bugtraq@securityfocus.com
Message-id: <a05100304b811f0ceebae@[128.220.149.100]>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed
At 6:14 PM -0800 2001/11/08, Microsoft Product Security wrote:
>Software: Internet Explorer
>Impact: Exposure and altering of data in cookies
>Max Risk: High
At risk of sounding petulant, I'd like to mention something overlooked
by Microsoft, Bugtraq, etc. Microsoft Internet Explorer for (classic)
MacOS appears NOT to be vulnerable to this exploit. AFAICT, it will
not run scripts of any kind embedded in an about: URL.
Could someone verify the status of IE on OS X, Solaris or HP-UX?
http://www.google.com/search?q=Internet+Explorer+Solaris+HP-UX
-F.
