re: [SE-2008-01] J2ME Security Vulnerabilities 2008

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: re: [SE-2008-01] J2ME Security Vulnerabilities 2008
From: Security Explorations <contact@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 08 Aug 2008 00:51:37 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Thunderbird 2.0.0.16 (Windows/20080708)

On 7 Aug 2008 18:55:06 -0000, 0xjbrown41@xxxxxxxxx <0xjbrown41@xxxxxxxxx> wrote:
* establishing of arbitrary phone calls

From RFC 3966 (http://www.faqs.org/rfcs/rfc3966.html):

...

So, if you are referring to the callto: security risk on most all mobile 
browsers, they already know.


Although your point is completely valid, we make use of some other
technique to establish arbitrary phone calls.

Best Regards,
Adam Gowdiak
-------------------------------------
Security Explorations
http://www.security-explorations.com
-------------------------------------

Prev by Date: Re: [funsec] facebook messages worm
Next by Date: OpenID/Debian PRNG/DNS Cache poisoning advisory
Previous by thread: Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
Next by thread: e107 <= 0.7.11 Arbitrary Variable Overwriting
Index(es):
- Date
- Thread