Bugtraq mailing list archives

IE5 - same vulnerabilities, only some fixed

From: psychoid () GMX NET (Most Psychoid)
Date: Fri, 19 Mar 1999 11:46:01 +0100


Hello,

The new Microsoft Internet Explorer 5 (I checked Version: 5.00.0910.1309)
still allows Frame Spoofing and reading of local Files as described by
Georgi Guninski (see http://www.whitehats.com/guninski/read.html).

Another new feature named "AutoComplete" stores entries (which also may be
passwords). Just another new source for passwords which had not been saved
in IE 4.x.

The Crash-bugs seem to be removed. I could not crash my default installed
IE 5 using the known exploits.

So far,

psychoid

---
Sent through Global Message Exchange - http://www.gmx.net

Current thread:

IE5 - same vulnerabilities, only some fixed Most Psychoid (Mar 19)
- <Possible follow-ups>
- Re: IE5 - same vulnerabilities, only some fixed Stepan Stadnyk (Mar 19)
- Re: IE5 - same vulnerabilities, only some fixed Alan Chapman (Mar 22)
- Re: IE5 - same vulnerabilities, only some fixed Jim Reavis (Mar 25)