[32303] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Six Step IE Remote Compromise Cache Attack

daemon@ATHENA.MIT.EDU (white colin john)
Wed Nov 5 18:57:46 2003

Date: Wed, 5 Nov 2003 16:43:37 -0600 (CST)
From: white colin john <cjwhite1@ehlnx13.ews.uiuc.edu>
To: Thor Larholm <thor@pivx.com>
Cc: Liu Die Yu <liudieyuinchina@yahoo.com.cn>, <bugtraq@securityfocus.com>
In-Reply-To: <8B32EDC90D8F4E4AB40918883281874D0BAF68@pivxwin2k1.secnet.pivx.com>
Message-ID: <Pine.LNX.4.44.0311051642230.13048-100000@ehlnx13.ews.uiuc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Wed, 5 Nov 2003, Thor Larholm wrote:

> This post raises an interesting question. Is our goal to find new
> vulnerabilities and attack vectors to help secure users and critical
> infrastructures, or is our goal to ease exploitation of existing
> vulnerabilities?

If there's no proof-of-concept that shows current bugs can be combined 
into an exploit, is there any pressure on microsoft to patch the bugs?


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32303] in bugtraq

RE: Six Step IE Remote Compromise Cache Attack

daemon@ATHENA.MIT.EDU (white colin john)Wed Nov 5 18:57:46 2003

daemon@ATHENA.MIT.EDU (white colin john)
Wed Nov 5 18:57:46 2003