Bugtraq mailing list archives
The Son of Cuartango Hole
From: condor () SEKURE ORG (condor () SEKURE ORG)
Date: Thu, 19 Nov 1998 13:51:49 -0200
---------- Forwarded message ---------- Date: Wed, 18 Nov 1998 17:08:40 +0100 From: Juan Carlos Garcia Cuartango <cuartangojc () MX3 REDESTB ES> To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM Subject: The Son of Cuartango Hole Gentlemen, I have discovered a new Internet Explorer 4 vulnerability, I have called It "The Son of Cuartango Hole". It is in fact a variant of the Cuartango Hole issue (Microsoft called It the Untrusted Scripted Paste, USP vulnerability) . I reported this new hole to Microsoft one week ago and they have released an "updated security bulletin" http://www.microsoft.com/security/bulletins/ms98-015.asp and an "updated USP patch Risks involved are exactly the same that in the Cuartango Hole. Your computer files can be stolen when you visit a malicious WEB page or if you receive an e-mail with the malicious script. Technical details are available in my site : http://pages.whowhere.com/computers/cuartangojc/ Regards, Juan Carlos G. Cuartango -condor www.sekure.org s e k u r e pgp key available at: http://condor.sekure.org/condor.asc
Current thread:
- NAI-30: Windows NT SNMP Vulnerabilities Security Research Labs (Nov 17)
- <Possible follow-ups>
- Re: NAI-30: Windows NT SNMP Vulnerabilities David LeBlanc (Nov 18)
- Re: NAI-30: Windows NT SNMP Vulnerabilities Dave G. (Nov 18)
- Re: NAI-30: Windows NT SNMP Vulnerabilities David LeBlanc (Nov 18)
- The Son of Cuartango Hole condor () SEKURE ORG (Nov 19)
- IRIX Vulnerability in ToolTalk RPC Service SGI Security Coordinator (Nov 19)
- NetBSD Security Advisory 1998-005 matthew green (Nov 19)
- Re: NAI-30: Windows NT SNMP Vulnerabilities Friedrichs, Oliver (Nov 18)