Mozilla Bug Isn't So Bad

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Mozilla Bug Isn't So Bad
From: Paul <paul@xxxxxxxxxxxxxxxx>
Date: 17 Jul 2004 03:43:12 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


ok so mozilla can execute existing files on the user's system. so what? how 
many times has this happened to internet explorer? this is an insignificant 
vulnerability compared to everything in ie. internet explorer has been 
vulnerable to the codebase vulnerability for several years. also, you can't 
even specify command line parameters. and besides, this isnt even a real 
problem with mozilla. it is a problem with microsoft explorer. mozilla didnt 
make the shell: protocol; microsoft did. so in reality, this could be 
considered a vulnerability in microsoft software triggered in non-microsoft 
software.

thanks a lot, microsoft...

Follow-Ups:
- Re: Mozilla Bug Isn't So Bad
  - From: Bill

Prev by Date: Re: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC
Next by Date: new utilman.exe exploit (allinone remote exploitation)
Previous by thread: What A Drag
Next by thread: Re: Mozilla Bug Isn't So Bad
Index(es):
- Date
- Thread