Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

nice work to MS

now, let us to wait for the FIX .

.....

gogogo ....
[image: 2000]

hitest



2011/1/28 Michal Zalewski <lcamtuf@xxxxxxxxxxx>:
FYI, here's a provisional advisory from Microsoft acknowledging this
issue:
http://www.microsoft.com/technet/security/advisory/2501696.mspx

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • [Full-disclosure] Gmail login status detect
    ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • [Full-disclosure] a new way to detect firefox extensions
    ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] List of Fuzzers
    ... int authenticate(char* username, char* password) { ... that fuzzing has its limitations (that can be fixed and applied like ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
    (Full-Disclosure)
  • Re: [Full-disclosure] VPN provider helped track down alleged LulzSec member
    ... if the vpn provider had not shat themself, then it would be a non story. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] List of Fuzzers
    ... valid to use someone else's fuzzing framework against one's own ... I see "Which fuzzer on this list will help me find the most ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
    (Full-Disclosure)