Re: Another Scripting Hole In Microsoft IE Exposes Local Files

From: those who know me have no need of my name (not-a-real-address@usa.net)
Date: 01/04/02 

From: those who know me have no need of my name <not-a-real-address@usa.net>
Date: Fri, 04 Jan 2002 03:29:58 -0000

<1107_1010108995@bowmore.utu.fi> divulged:
>On 3 Jan 2002 16:50:49 +0100, spamtrap@xivic.prima.de (Wolfgang
>Schelongowski) wrote:

>> Both Javscript and ActiveX are known to be insecure by (lack of) design
>> for *all* platforms, where they can be executed.

>Active-X is only on Internet Explorer so its only IE security risk. ;)

msie is available for platforms other than ms windows.

>Javascript is actually pretty safe:

hahahahaha. yeah. sure.

>I think the main issue is that IE is "binded" to Windows so if you
>have a bug that effects IE, it opens your entire system. In Opera,
>for instance, things dont work that way.

and since opera conforms to the ecma standard it also tends not work
with many sites, at least those which have msie or nn specific code.

also, opera is still "in" your system, so if there were an exploit
available it would expose as much of the system as your permissions
allow, which on most ms o/s' means the entire system. 

-- 
okay, have a sig then

Relevant Pages
Quantcast