i admit, i posted this bug just a short while ago, but since it's an
annoyance more than a vuln.. i don't really care.. be glad i didn't demo it
here :) (for evolution users anyway)
so the issue is with text based file attachments with the
Content-Disposition set to inline.. if this text file
--- Dude VanWinkle [EMAIL PROTECTED] wrote:
Why do you call a .scr you have to manually install a worm?
http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
A worm is similar to a virus by its design, and is considered to be a sub-class
of a virus. Worms
spread from computer to
yossarian wrote:
There is an easy trick to avoid a .HTA related 'thingie' such as this
one: tell your windows to open .HTA files in notepad. It broke the
beautiful PoC I guess, had it in place as long as this particular
machine (2 years or so), it never broke anything before.
Is there a
Hi,
I've just released a paper (to be found at
http://www.nth-dimension.org.uk/news/entry.php?e=156579087) which covers two
issues with Javascript injection that I've recently been playing with. That
of Javascript injection via CSS manipulation and furthermore the use of AJAX
within
inclusion.
Advisory released on 20060128:
PmWiki Multiple Vulnerabilities
http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
Hi, actually i have another question of a similar ballpark, so i can't
really answer your question, but did a virustotal scan on it anyway (got
the url from a previous fd post) so as not to post empty handed.
What i noted is this: I've been receiving emails on a few accounts
ever since a
Hm, I haven't seen this posted here ...
Firefox now supports the -moz-binding CSS property, which associates
XBL[1] with an element. The same origin policy is not applied. This is a
problem because XBL may contain JavaScript and it runs with full access
to content.
There is a bug report[2]
(ascii at katamail . com)
Date 20060125
With ?GLOBALS[foobar] you can set the value of the un-initialized
$foobar variable.
Advisory released on 20060128:
PHP5 Globals Vulnerability
http://www.ush.it/2006/01/25/php5-globals-vulnerability
Hello All..
i found an XSS vulnerability in the widely known file hosting company :
http://rapidshare.de
The Vulnerability is in the premium members area:
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi
and it goes like this:
I found another vulnerability in your brain ... This
vulnerability makes you to look like a cock sucker... no patch is
available (you know... there is no patch for human stupidity)
.Now I Am Become Death The Destroyer Of Worlds LOL retard
definitely you need to buy some friends
GO GET A LIFE SUCKER.
On 1/29/06, (M.o.H.a.J.a.L.i) [EMAIL PROTECTED] wrote:
Hello All..
i found an XSS vulnerability in the widely known file hosting company :
http://rapidshare.de
The Vulnerability is in the premium members area:
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi
and
Hahahah dont cry baby!!
I agree with MegaByte, try eBay for finding a cheap brain
Satan aleicum
On 1/29/06, (M.o.H.a.J.a.L.i) [EMAIL PROTECTED] wrote:
GO GET A LIFE SUCKER.
On 1/29/06, (M.o.H.a.J.a.L.i)
[EMAIL PROTECTED] wrote:
Hello All..
i found an XSS vulnerability in the widely
(Why, yes, I came up with the name, and had to find some bugs to be able
to post this.)
Summary
---
There are three fairly interesting flaws in how HTTP cookies were
designed and later implemented in various browsers; these shortcomings
make it possible (and alarmingly easy) for