Full Disclosure mailing list archives
RE: MSIE (mshtml.dll) OBJECT tag vulnerability
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Thu, 27 Apr 2006 00:21:02 +0200 (CEST)
On Wed, 26 Apr 2006 bruen () coldrain net wrote:
There aren't people out there looking to exploit the flaws in your car in order to drive it where they want it to go. It's a lousy analogy.
Larry, Microsoft Internet Explorer is not a car. Were it a car, it still wouldn't be yours more than it would be mine. "Disclosing a problem to the public" is not "driving it off". Depending on whether I compare finding vulnerabilities to nursing an orphaned baby squirrel, or running over the elderly, I can appeal to different emotions of the public. But that does not mean anything, and you know this. So, do tell, why are informed, computer-savvy people so desperate to make inadequate, half-baked analogies to real life to "prove" their opinions? /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability, (continued)
- Re: Re: MSIE (mshtml.dll) OBJECT tag vulnerability 0x80 (Apr 26)
- MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Morning Wood (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Randal T. Rioux (Apr 26)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Javor Ninov (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability bruen (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 26)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability str0ke (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability poo (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Pedro Hugo (Apr 27)
- Re[2]: MSIE (mshtml.dll) OBJECT tag vulnerability Thierry Zoller (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Tim Bilbro (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Brian Eaton (Apr 27)
- Re: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)
- RE: MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 27)