Mailinglist Archive: opensuse-factory (1029 mails)

< Previous Next >
Re: [opensuse-factory] Re: Testing many small file write on several filesystems
On 11/5/2013 9:45 PM, Claudio Freire wrote:
On Wed, Nov 6, 2013 at 1:13 AM, Linda Walsh <suse@xxxxxxxxx> wrote:
On 11/5/2013 7:44 PM, Claudio Freire wrote:
On Tue, Nov 5, 2013 at 11:09 PM, Linda Walsh <suse@xxxxxxxxx> wrote:
No -- I assert that HTML is markup on text -- it isn't scripting -- but
it does the same thing that some reader do automatically.

That's oh-so-naive

Could you elaborate. I'm talking HTML with no includes and no scripts�
i.e. the complete source in the text.

Google search, first try, first query that popped into my head.

You should have looked a bit deeper...

Nothing about an exploit, but you can find a similar list @:

Including buffer overflows in mutt -- a plaintext reader.

or this is a goodie:

CERT/CC Blog: *****Plain Text Email in Outlook Express************* - Cached -
Nov 13, 2009 ... Reading email messages in plain text seems like a reasonable thing to ... cursor
stack buffer overflow vulnerability (VU#191609), I noticed that ...

So far you helping me show more bugs in plain text emails that I would have
guessed... maybe text emails are more of a security risk
than HTML, due to people's implicit belief that plaintext emails can't contain
such problems so there is less checking?

To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups