>The external method flaw also seems to affects my ie6 sp1 browser
Indeed, it was overlooked in the final write-up of the advisory.
It's also worth mentioning that IE6 SP1 is vulnerable to the "clipboardData"
object caching as well, which, unfortunately, wasn't mentioned before.
The advisory and
> From: jelmer [mailto:jkuperus@;xs4all.nl]
> The external method flaw also seems to affects my ie6 sp1 browser
I can confirm this as well, together with the clipboardData method flaw.
It's a surprise that Microsoft didn't fix this globally in SP1, instead of
applying checks to each individual me
The external method flaw also seems to affects my ie6 sp1 browser
--
jelmer
- Original Message -
From: "GreyMagic Software" <[EMAIL PROTECTED]>
To: "Bugtraq" <[EMAIL PROTECTED]>
Sent: Tuesday, October 22, 2002 5:24 PM
Subject: Vulnerable cached
GreyMagic Security Advisory GM#012-IE
=
By GreyMagic Software, Israel.
22 Oct 2002.
Available in HTML format at http://security.greymagic.com/adv/gm012-ie/.
Topic: Vulnerable cached objects in IE (9 advisories in 1).
Discovery date: 4 Oct 2002, 17 Oct 2002