Bugtraq mailing list archives
RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
From: "Drew Copley" <dcopley () eeye com>
Date: Fri, 20 Feb 2004 12:16:03 -0800
-----Original Message----- From: Stuart Moore [mailto:smoore.bugtraq () securityglobal net] Sent: Thursday, February 19, 2004 10:40 PM To: thor () pivx com; bugtraq () securityfocus com Subject: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
<snip>
But this could get messy. What happens when two issues *must* be combined inorder for a security impact to occur? My personal opinion differs from yours (and from SecurityFocus's) regarding BID 8900 (Flash) and the nullsoft and icq BID issues. I think they are not vulnerabilities, but instead are a few of many, many leverage points for porous MS IE/OS security boundaries. But maybe you could make an argument that some popular Win apps make little or no use of OS security features and so are at fault. Or maybe you could say that an application written for an OS that is known to have security boundary issues is negligent in using predictable locations. Uh oh, I guess I could really start chasing my tail here ...
For simple, good QA practice... you want to have each bug written up seperately. This may mean they are all moderate or low severity. Security bugs, however, have a special classification under a good QA system. A "low severity" security bug is much more important then a normal "high severity" non-security bug. As for security classification systems that are pure classifications... They each can pick and choose as they want, of course. There is no board. I would think a note added to these low or moderate issues with proper credit would suffice. (Which is actually securityfocus style).
Perhaps a good question for the Secure Coding list (secure-coding.org)? Stuart
Current thread:
- is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Stuart Moore (Feb 20)
- <Possible follow-ups>
- RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)
- Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) http-equiv () excite com (Feb 20)
- RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)