-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 7 Oct 2006 06:28:44 -0500,
Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> On Sat, 07 Oct 2006 11:20:55 +0100, Roy Schestowitz wrote:
>
>> Another zero day... Setslice is in the wild
>>
>> ,----[ Quote ]
>>| Busy past few weeks... first the VML exploit (now patched by Microsoft),
>>| then the daxtcle.ocx exploit (not patched yet), and then last night, our
>>| friend Roger Thompson reported seeing another exploit, commonly referred
>>| to as ?setslice? [since it uses the setslice() method to exploit] in
>>| the wild.
>> `----
>>
>> http://hackersblog.itproportal.com/?p=352
>
> I dunno, i went to the test page, and clicked the button, and it didn't
> crash my browser. I'm running IE7 RC1. The only thing that happened was
> it asked me to run an unsafe ActiveX control, which i didn't do.
does your hypocrisy know no bounds? That is exactly the same responce
you decried in the recent "one click that wasn't" firefox vulnerability
thread.
It would seem that Erik is getting more two faced with each passing day.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFJ9Dbd90bcYOAWPYRAsSAAJ4gcXOOmI+sGTEoU8KvmH4wVWLPlQCghpDu
0cExF/2ucUGLfk8tNsXHcnM=
=5i42
-----END PGP SIGNATURE-----
--
Jim Richardson http://www.eskimo.com/~warlock
When you boil it down to the essentials, it's because Linux is designed
to be *used* and Windows is designed to be *sold*.
|
|