On 1 Mar 2002 at 10:14, Gian Luca Rubini wrote:
> Panico,
> questa mattina e' iniziata male, mi sono appena letto 2 simpatici avvisi
> riguardanti problemi di sicurezza su PHP e mod_ssl per Apache.
> Per la cronaca io uso Debian Potato, ma sulla lista security.debian.org non
> vengono segnalati problemi di sorta. Qualcuno ha qualche informazione
> supplettiva in merito ?
Consolati:
> GreyMagic Security Advisory GM#001-IE
> =====================================
>
> by GreyMagic Software, Israel.
> 27 Feb 2002.
>
> Topic: Executing arbitrary commands without Active Scripting or ActiveX.
>
> Discovery date: 25 Feb 2002.
>
> Affected applications:
> ======================
>
> Any application that hosts the WebBrowser control (5.5+) is affected
> since this exploit does not require Active Scripting or ActiveX. Some of
> these applications are:
>
> * Microsoft Internet Explorer
> * Microsoft Outlook
> * Microsoft Outlook Express
[snip]
> They can both be found at http://security.greymagic.com/adv/gm001-ie/.
>
> Feedback:
> =========
>
> Please mail any questions or comments to security@xxxxxxxxxxxxxx
>
> - Copyright © 2002 GreyMagic Software.
--
Salve
Ivan Sergio Borgonovo
http://www.webthatworks.it/
|