RE: Six Step IE Remote Compromise Cache Attack

To: Thor Larholm <thor@xxxxxxxx>
Subject: RE: Six Step IE Remote Compromise Cache Attack
From: white colin john <cjwhite1@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 5 Nov 2003 16:43:37 -0600 (CST)
Cc: Liu Die Yu <liudieyuinchina@xxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
In-reply-to: <8B32EDC90D8F4E4AB40918883281874D0BAF68@xxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

On Wed, 5 Nov 2003, Thor Larholm wrote:

> This post raises an interesting question. Is our goal to find new
> vulnerabilities and attack vectors to help secure users and critical
> infrastructures, or is our goal to ease exploitation of existing
> vulnerabilities?

If there's no proof-of-concept that shows current bugs can be combined 
into an exploit, is there any pressure on microsoft to patch the bugs?

Follow-Ups:
- RE: Six Step IE Remote Compromise Cache Attack
  - From: Tyler Larson

References:
- RE: Six Step IE Remote Compromise Cache Attack
  - From: Thor Larholm

Prev by Date: Re: Six Step IE Remote Compromise Cache Attack
Next by Date: Re: Six Step IE Remote Compromise Cache Attack
Previous by thread: Re: Six Step IE Remote Compromise Cache Attack
Next by thread: RE: Six Step IE Remote Compromise Cache Attack
Index(es):
- Date
- Thread