Full Disclosure mailing list archives
Re: [FDSA] Notepad Highly CriticalCross-SiteScripting (XSS) Vulnerability
From: "Randal T. Rioux" <randy () procyonlabs com>
Date: Thu, 17 Jan 2008 16:53:28 -0500
Fredrick Diggle Security Advisory Application: Notepad Versions: 5.1.2600.2180 verified to be vulnerable Platforms: Microsoft Windows (All Versions) Bugs: Cross Site Scripting (XSS) Severity: Critically High Date: 17 Jan 2008 Credit: Estr Hinan #######################################################################
That’s a really funny “security risk”. I don’t agree with you, because otherwise every editor, which is able to save HTML Files, is a security problem. So vi, Dreamweaver, emacs… are all unsecure? It is your decision, to open a HTML file or not. And (if here are some MS guys) please don’t fix this “issue”, because sometimes, if you haven’t a professional tool at the moment, the Windows editor can be useful, too. Also, if you need to edit some small Scripts. Yours, SR
Speaking of professional tools... Let's hope this was just a language translation error and not a fully understood response. Lighten up, folks. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [FDSA] Notepad Highly CriticalCross-SiteScripting (XSS) Vulnerability Randal T. Rioux (Jan 17)