A fix for this vulnerability is available at my website:
http://www.abracadabrasolutions.com/UrlFilter.htm
Regards,
Frank Hagenson.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Well his post gives me some pause...since this is a shareware product
(the poster is out to make some $$$ for themselves) I wonder that it doesn't
count as a commercial solicitation. Besides that, AFAIK the URL filter
is not available in source code format (for peer review). IN short, I'd
say that
the patch is what I say, FWIW.
Exibar
- Original Message -
From: Gregory A. Gilliss [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 2:29 PM
Subject: Re: [Full-Disclosure] Internet Explorer URL parsing vulnerability -
fix available
Well his post gives me some pause
Message-
From: Exibar [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 2:47 PM
To: Gregory A. Gilliss; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Internet Explorer URL parsing
vulnerability
- fix available
Agreed. I also feel that why should a company pay this 3rd party
I found nothing wrong with their posting, and certainly did not see them
trying to make more then a buck iin all this either. Source would be nice
for review, but, to complain about the posting being a commecial
solicitation is a tad far fetched:
paste
Licensing
URL Filter is free for home