>The Corsaire research project produced test cases for around 200 working
>attack vectors, that when passed through the top 10 content products
>produced over 800 individual vulnerabilities (needless to point out that
>there are a lot more than 10 products in this arena).

Not wanting to quibble, but looking for clarification: The associated UNIRAS advisory (http://www.uniras.gov.uk/vuls/2004/380375/mime.htm) lists the responses from various vendors with regards to these issues. I presume that these are nine of the "top 10 content providers". Vendors include: Apple, F-Secure, Fujitsu, HP, IBM, MessageLabs, Mozilla and ripMIME. Only ripMIME and F-Secure (Server products affected, workstation products fine) claim to have been found wanting. The remainder clearly state that their products, when put through the test suite, were _not_ found to be vulnerable. How does this translate to the figures you're talking about?

I ask this to better understand the risk. Is this something everything else should be dropped for and this prioritized? From the UNIRAS advisory I'd assume not, unless of course you use F-Secure servers or ripMIME, and, at the moment, it all seems a bit like a storm in a teacup.

I also note that Microsoft was not listed as a vendor that responded. Were their products tested and if so what were the results?

Cheers,
David Litchfield
NGSSoftware Ltd
http://www.nextgenss.com/
http://www.databasesecurity.com/
+44(0)1334 470 027