[17904] in bugtraq
Microsoft Security Bulletin MS00-093
daemon@ATHENA.MIT.EDU (Microsoft Product Security)
Mon Dec 4 14:25:48 2000
Message-Id: <C10F7F33B880B248BCC47DB4467388470CC78B@red-msg-07.redmond.corp.microsoft.com>
Date: Fri, 1 Dec 2000 18:32:39 -0800
Reply-To: Microsoft Product Security <secnotif@MICROSOFT.COM>
From: Microsoft Product Security <secnotif@MICROSOFT.COM>
X-To: MICROSOFT_SECURITY@ANNOUNCE.MICROSOFT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
The following is a Security Bulletin from the Microsoft Product Security
Notification Service.
Please do not reply to this message, as it was sent from an unattended
mailbox.
********************************
-----BEGIN PGP SIGNED MESSAGE-----
- -----------------------------------------------------------------
Issue: Print template feature could allow web site to
run code on visiting user's machine; web form
could be used to read user's files.
Date: December 01, 2000
Affected Software: IE 5.x
Impact: code execution; file viewing
Bulletin ID: MS00-093
Bulletin:
www.microsoft.com/technet/security/bulletin/ms00-093.asp
Acknowledgment:
Juan Carlos Garcia Cuartango (www.s21sec.com)
Vladimir Sulc, jr. (www.microrisc.cz)
Warren Greer
- -----------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBOihfRI0ZSRQxA/UrAQGp6gf+OiqnbqOwVMw3tOcue1fMRd+yek6EDPM5
s48o/DbUWE30J/D0ax0j4yzxQa6nFTyalQsFma4uAdO7e2yO4L0zML4/TaymKC9t
AoBaac3dSorTF+MttiagSYpBXv6PgLwnKOmQNyvA6klwQILJOVK95aQL3rLyJGsn
keiehqV/T2C78E/X00ut7ZQzDjs6KaOElSMzNXEnE13BzjoCS4cslGTeqZwTSXWe
3P8b1UijNK0tCNz3izQc8AbFayjeTwzV4J4BWslcvoKeKctdk0S5feIYNaT755q1
JPk5wwF9989yl4RSi6eG1rCs4pOkKcLIqDHNis/xwBfZHCi29KOTTw==
=ub1r
-----END PGP SIGNATURE-----
*******************************************************************
You have received this e-mail bulletin as a result of your registration
to the Microsoft Product Security Notification Service. You may
unsubscribe from this e-mail notification service at any time by sending
an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
The subject line and message body are not used in processing the request,
and can be anything you like.
To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.
For more information on the Microsoft Security Notification Service
please visit http://www.microsoft.com/technet/security/notify.asp. For
security-related information about Microsoft products, please visit the
Microsoft Security Advisor web site at http://www.microsoft.com/security.
