Tag - IE8
CVE-2009-4074
Thursday, November 26 2009
"Related to the details of output encoding". Encoding? Really? Neither Maone nor the Register mention encoding IIRC, and they are the only sources mentioned....
IE8 XSS Filter flaw?
Monday, November 23 2009
It seems that IE8 XSS Filter has a bug making otherwise safe sites vulnerable to XSS (if they don't opt-out the feature). While the Register post is less than informative, this is reported as well by...
IE8 XSS Protection, part 2
Friday, November 6 2009
Paul twitted a former entry of this blog about the IE8 XSS filter, subsequently attracting reactions on this otherwise very quiet blog :-). As the post in question was a typical trollish rant of me,...
IE8 XSS "Protection"
Tuesday, October 27 2009
So, it appears IE8 introduced a brand new XSS protection mechanism. It apparently does so by inspecting javascript resources and modifying them before execution. So long, so good? Well... apparently,...