Date: Fri, 19 Mar 1999 11:46:01 +0100
From: Most Psychoid <psychoid@GMX.NET>
To: BUGTRAQ@netspace.org
Subject: IE5 - same vulnerabilities, only some fixed

Hello,

The new Microsoft Internet Explorer 5 (I checked Version: 5.00.0910.1309)
still allows Frame Spoofing and reading of local Files as described by
Georgi Guninski (see http://www.whitehats.com/guninski/read.html).

Another new feature named "AutoComplete" stores entries (which also may be
passwords). Just another new source for passwords which had not been saved
in IE 4.x.

The Crash-bugs seem to be removed. I could not crash my default installed
IE 5 using the known exploits.

So far,

psychoid

---
Sent through Global Message Exchange - http://www.gmx.net