Re: Phishing using IE7 local resource vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: Phishing using IE7 local resource vulnerability
From: robert@xxxxxxxxxxxxxxxxxxxxxxxxxx
Date: 15 Mar 2007 15:12:34 -0000

This appears to be mitigated in Vista by Protected Mode, which is on by default, and denies access to local resources. If people decide to disable UAC, they must accept the potential risks that come with it, such as this XSS attack. I appreciate that this is a valid risk for XP.

Follow-Ups:
- RE: Phishing using IE7 local resource vulnerability
  - From: avivra

Prev by Date: Re: Firekeeper - IDS for Firefox available
Next by Date: Remote File Inclusion in ViperWeb
Previous by thread: Phishing using IE7 local resource vulnerability
Next by thread: RE: Phishing using IE7 local resource vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux