[VIM] [Full-disclosure] ZDI-06-014: Verisign I-Nav ActiveX Control Code Execution Vulnerability

security curmudgeon jericho at attrition.org
Mon May 15 07:45:56 EDT 2006


: -- Affected Vendor:
: Verisign
: 
: -- Affected Products:
: i-Nav ActiveX Control

-- Affected Versions:
???

: -- Vendor Response:
: Verisign has addressed this issue in the latest version of the affected
: technology:
: 
:     http://www.idnnow.com

Invalid Web Browser

You are currently using a browser not supported by this version of 
Verisign's software. You can either click on the link below to take you to 
Microsoft's website to download the latest version of Internet Explorer or 
press the "Continue" button to go to the website you typed in your browser 
bar- note the multilingual characters will not be displayed in oyur 
address bar if you click the 'Continue" button.

--

Not listing the affected versions or the "upgrade to" solution version is 
weak. I expect this from the ctrl-v kids who don't even know what version 
of a /demo/ product they are testing, not a shop like ZDI/TP/3Com!



More information about the VIM mailing list