New URI browser flaws worse than first thought
,----[ Quote ]
| Security researchers have found that a feature in the Windows OS can allow
| intruders to steal data from a victim's computer
`----
http://www.infoworld.com/article/07/08/15/New-URI-browser-flaws-worse-than-first-thought_1.html
Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting
Vulnerability
,----[ Quote ]
| WORKAROUND
|
| iDefense is currently unaware of any workarounds for this issue.
`----
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=575
Recent (and unpatched):
Buffer the Overflow Slayer v. the ActiveX Files
,----[ Quote ]
| The vulnerability was discovered by Krystian Kloskowski and is rated
| "highly critical" in this posting on Secunia. It's also discussed here on the
| ^^^^^^^^^^^^^^^
| US-Cert website. Proof-of-concept code can be found on MilW0rm here.
`----
http://www.theregister.co.uk/2007/08/14/sdk_spreads_vuln_love/
|
|