[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    Re: IE7 SELECT Tag
From:       Stefano Zanero <s.zanero () securenetwork ! it>
Date:       2006-11-05 20:12:23
Message-ID: 454E45A7.4070002 () securenetwork ! it
[Download RAW message or body]

dan.ross@picbusiness.com wrote:
> I just installed IE7 this morning, then promptly found my first bug.

This is surely a bug, but I don't see how it would classify as a
security bug. Examples ?

> Now, imagine instead of fruit, you're picking which bank account to transfer money to/from...

If a site relies on a client side script to perform anything security
sensitive, it's broken. But that's a problem of the website, not a
problem of this particulare IE7 bug.

Stefano
[prev in list] [next in list] [prev in thread] [next in thread]