Timeline of Mozilla shell: Security Vulnerability
Friday July 9th, 2004
Adam Sacarny writes: "I have created a timeline of the latest security bug. It shows how quickly the Mozilla developers handled the problem, tracking from the first mention in Bugzilla to the last CVS commit to the webpage. Readers get a peak into how development works over at mozilla.org, in particular into how security issues get resolved."
We reported on the
Update: Adam, author of the timeline, has written a followup post with further commentary on the bug and its fix.
#14 Re: IE STILL has this bug / exploit
Saturday July 10th, 2004 1:26 PM
You are replying to this message
I don't see any evidence that IE would execut arbitrary code as they claimed Mozilla would. In fact, when I try to open an known executable, it prompts me to download or open the executable. The concern with Mozilla was that it would auto-execute the program with the arguments given to it by the website (the arguments make the exploit dangerous). IE apparently does not allow this as it probably used to.