Full Disclosure mailing list archives
MSIE (mshtml.dll) OBJECT tag vulnerability
From: "Tim Bilbro" <trbilbro () verizon net>
Date: Wed, 26 Apr 2006 11:06:09 -0400
You do a disservice to all IT shops by announcing these vulnerabilities before contacting the vendor. I am sure it would not generate as much web traffic to your site, but it is only fair and right to allow at least some amount of time for the vendor to respond. If you think you are helping, you are wrong. Would you go around town checking which stores are unlocked at night and then publish the list in the news before letting the shop owners know? That's pretty much what you are doing. It's just not helping. There is no proof that it is either. Tim Bilbro Information Security Specialist CISSP, MCSE trbilbro () verizon net web: www.bloglines.com/blog/Bilbro RSS: www.bloglines.com/blog/Bilbro/rss
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability, (continued)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability 0x80 (Apr 23)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability ipatches (Apr 24)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Sol Invictus (Apr 24)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Dave "No, not that one" Korn (Apr 25)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Valdis . Kletnieks (Apr 25)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Raoul Nakhmanson-Kulish (Apr 25)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Valdis . Kletnieks (Apr 25)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Raoul Nakhmanson-Kulish (en) (Apr 25)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Sol Invictus (Apr 24)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Morning Wood (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Randal T. Rioux (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)