TIP: Click on subject to list as thread!

ANSI

echo:	nthelp
to:	Glenn Meadows
from:	Rich
date:	2004-08-20 12:22:58
subject:	Re: XPSP2 is barely out, and first exploit claimed again
From: "Rich" This is a multi-part message in MIME format. ------=_NextPart_000_0CBC_01C486B0.6DD68D40 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable If someone had such an exploit than it would be a problem. What the = folks here did not do, especially when ego is an issue, is claim that = there is no problem and they don't have one but maybe someday they might = if they find a real problem. Rich "Glenn Meadows" wrote in message = news:41261d8b$1{at}w3.nls.net... Yea, I noticed/realized that, but you know users, can't live with = them, can't live with them.....Eventually, someone might write an = exploit that uses this on a single click of the image...those people = that try to do this stuff are very inventive in ways to get users to do = stupid stuff, for sure. --=20 Glenn M. "Rich" wrote in message news:41261593$1{at}w3.nls.net... This requires the user to explicitly drag and drop a broken image = to somewhere. Once you start with scenarios which require the user to = do stuff like this you can imagine all sorts of things. That the image = is broken makes it worse. Rich "Glenn Meadows" wrote in message = news:41260c9c{at}w3.nls.net... May not be new, but just discovered/posted. http://www.theregister.co.uk/2004/08/20/sp2_scripting_vuln/ --=20 Glenn M. ------=_NextPart_000_0CBC_01C486B0.6DD68D40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable If someone had such an = exploit than it=20 would be a problem. What the folks here did not do, especially = when ego is=20 an issue, is claim that there is no problem and they don't have one but = maybe=20 someday they might if they find a real problem. Rich "Glenn Meadows" <gmeadow{at}comcast.net>">mailto:gmeadow{at}comcast.net">gmeadow{at}comcast.net> wrote = in message=20 news:41261d8b$1{at}w3.nls.net... Yea, I noticed/realized that, but you know users, can't live with = them,=20 can't live with them.....Eventually, someone might write an exploit = that uses=20 this on a single click of the image...those people that try to do this = stuff=20 are very inventive in ways to get users to do stupid stuff, for = sure. -- Glenn M. "Rich" <{at}> wrote in message news:41261593$1{at}w3.nls.net... This requires the user = to=20 explicitly drag and drop a broken image to somewhere. Once you = start=20 with scenarios which require the user to do stuff like this you can = imagine=20 all sorts of things. That the image is broken makes it=20 worse. Rich "Glenn Meadows" <gmeadow{at}comcast.net>">mailto:gmeadow{at}comcast.net">gmeadow{at}comcast.net> = wrote in=20 message news:41260c9c{at}w3.nls.net...Ma= y=20 not be new, but just discovered/posted.http=">http://www.theregister.co.uk/2004/08/20/sp2_scripting_vuln/">http= ://www.theregister.co.uk/2004/08/20/sp2_scripting_vuln/--=20 Glenn = M. ------=_NextPart_000_0CBC_01C486B0.6DD68D40-- --- BBBS/NT v4.01 Flag-5 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 @PATH: 379/45 1 396/45 106/2000 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.