Re: IE Hole [Ralf Hueskes]

Keith Dawson (
Fri, 17 Oct 1997 18:46:38 -0400 (EDT)

> [unverified -- first report R]
> Oct. 17
> Ralf Hueskes discovered a major Internet Explorer 4.0 security hole
> that apparently makes it possible "to spy on the contents of any
> text and HTML files on somebody else's computer" using dynamic
> HTML. He says, "Not only local files are in danger, but also data
> on your company's intranet - even if it is protected by a
> firewall." A c't article has more details and notes that the
> MSIE 4 pre-release for the Mac OS apparently isn't affected.

I got this note from someone at c't magazine this morning and put it up
as the Tasty Bit o'the Day. Check the top level of the TBTF site for
links to an upcoming c't article and the discoveror's exploit page.