[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Synergy between IE4 bug and Intel flaw

To: [email protected]
Subject: Synergy between IE4 bug and Intel flaw
From: [email protected]
Date: Tue, 18 Nov 1997 10:33:54 -0800
Original-From: Bill Stewart <[email protected]>
Sender: [email protected]


RISKS DIGEST 19.46 http://catless.ncl.ac.uk/Risks/19.46.html     
has several articles on the Pentium F00FC7C8 bug.
Apparently there are workarounds for it, but there's also the article below.
(Also, Microsoft has supposedly issued a fix for the IE4 bug, 
but fat chance on everybody deploying it quickly enough.)
-----------------------------------------
Date: Wed, 12 Nov 1997 08:27:05 -0700 (MST)
From: Jonathan Levine <[email protected]>
Subject: Synergy between IE4 bug and Intel flaw

By now I'm sure you've heard about this delightful synergy:
> ------- Forwarded Message
> Date:    Tue, 11 Nov 1997 06:53:45 -0500
> From:    "Per Hammer" <[email protected]>
> Subject: New IE4 security hole exploited ...
> 
> http://www.wired.com/news/news/technology/story/8429.html
> 
> The deal is, if your use a 'RES://' URL that us longer than 256 characters,
> byte 257 onwards will be executed as machine code. Now ... think ...
> F0 0F C7 C8
> 
> Which is only slightly less malicious than deleting any files ...
> 
> Per Hammer  [email protected]

Prev by Date: Re: I-D ACTION:draft-ietf-openpgp-formats-00.txt
Next by Date: Re: Overcoming War by Making Friends
Prev by thread: I-D ACTION:draft-ietf-openpgp-formats-00.txt
Next by thread: Re: Overcoming War by Making Friends
Index(es):
- Date
- Thread