Much like classic XSS [cross site scripting] holes, this design flaw in IE allows an attacker to retrieve private user data or execute operations on the user's behalf on remote domains.
Matan Gillon
Related
The flaw can be exploited if the user opens a wrong file or goes to a wrong Web site. Then the attac...
MARC MAIFFRET

Normally, browsers impose strong restrictions for cross-domain interaction through the Web browser. ...
MATAN GILLON

This could have led to the stealing of identities, allowing a remote attacker to deceive innocent us...
LIMOR ELBAZ

It's not like any other flaw in IE -- it's definitely different.
TOM FERRIS

I think it's pretty obvious to most people that Napster is not media specific, but I could see a...
SHAWN FANNING

There are two primary ways that drive-by downloads are done, either through a vulnerability in IE it...
GARY SCHARE

User-centered design means working with your users all throughout the project.
DONALD NORMAN

Three of the vulnerabilities can launch malicious code that allows an attacker to snoop on users. Th...
THOMAS KRISTENSEN

It's a design flaw, ... A little flaw, but they latched on to it.
JOE ARPAIO

This trading software is designed to generate precision trading signals on stocks that the user sele...
WILLIAM MCKINLEY

Web users ultimately want to get at data quickly and easily. They don't care as much about attractiv...
TIM BERNERS-LEE

Hi, this is a user adding an obviously fake quote. I'm doing this because I'm tired of seeing fake T...
TOM HIDDLESTON

If your users have many questions, it's a failure of your primary site design. It becomes not so muc...
JAKOB NIELSEN

Directive design gives an either/or choice, similar to a traffic sign. Interpretive design allows fo...
MAGGIE MACNAB

If you surf to a given Web site, it will hack your machine, install malicious code on it and let an ...
ED SKOUDIS

Users might lose trust in the system if there are multiple versions of the same domains. If someone ...
GEIR RASMUSSEN

Our new maps service is the result of extensive research on user preferences and experiences, ... W...
PAUL LEVINE

RSS is probably the biggest area of innovation in IE 7. We've done work both on the end user to expo...
GARY SCHARE

Disney gives us their tremendous promotional power. This allows us to advertise on the Disney proper...
HARRY MOTRO

Thousands of Web sites can be exploited, and there isn't a simple solution against this attack at le...
MATAN GILLON

Innovation happens in the consumer space much more quickly. For a lot of reasons, applications that ...
DAVE GIROUARD

Regular users know nothing about program languages or varying exchange protocols. They just want the...
MARK BOWDEN

Suggestions or comments on this site? Send an email -Frank Zappa.
FRANK ZAPPA

It certainly allows us to execute the business plan much more effectively and much more quickly.
GREG WILKINS

Most carriers want their users to stay on the company's home page, yet this could drive usage of dat...
LINDA BARRABEE

Fluke Networks and CA have teamed up to provide a broader and deeper enterprise systems management a...
LISA SCHWARTZ

What makes this interesting is that this is not one-blade to one-user. One blade can support multipl...
CHARLES KING

In most cases, mobile users are searching for spur-of-the-moment data, like a local restaurant or di...
WHIT ANDREWS

I think this will encourage the private sector to look more at their ability to continue operations ...
GARY VICKERS

There is a whole host of applications that need to know user data. A lot of programmers want to know...
BEN ANDERSON

The deal potentially makes them a top 10 online site based on monthly unique users.
MATT FINICK

I am disappointed. I didn't execute shots. I'm going to try to retrieve this round and have a good b...
BEN CRENSHAW

We want to simplify life on the Web and we certainly have no intention of subjecting users to unnece...
PAUL BARRETT

This wind was so different. There were four holes that were downwind, and the wind was a cross wind ...
MATT HANSEN

CEM allows Web managers to [see] not just if the site is up or down, but what the customer is experi...
DAVE CHAPMAN

The extra accuracy and gain allows you to use smaller shunts. A smaller current sensor requires more...
TRENT BUTCHER

We actually don't track how long a user stays on our site. We want to be a switchboard.
KATIE JACOBS STANTON

It allows us to simulate ahead of time, planning without actually moving the object on site.
BILL STONE

The Security Center is a good effort on Microsoft's part to bring an aggregated view to users, but o...
LAURA GARCIA

The increase in service tax means you pay more now. It adds up to a lot for entry-level users. Any e...
KOBITA DESAI

We can inform decisions when we look at data points on retention rates with your first hundred users...
SUNIL NAGARAJ

The lines are blurring online -- a lot of the things you find on our site you'd find on a consumer m...
GREG TITUS

The French judge decided they could apply the law merely because the user in France can get on the I...
GREG WRENN

Most people want to search private data much more often than they need to search public data.
LARRY ELLISON

We certainly hope that Facebook allows users to connect with their friends on Path and with any othe...
DAVE MORIN

While the Finder allows the user to find out that the file is an executable -- with a right-click, fo...
MICHAEL LEHN

Staff should be exploring ways of aggregating information, based on surveys and focus groups, to mak...
GARY BASS

Path does not spam users. Invites on Path are never sent without a user's consent - any allegati...
DAVE MORIN

The point is that analytical designs are not to be decided on their convenience to the user or neces...
EDWARD TUFTE

If you don’t like speaking much, wear red clothes; they will speak on behalf of you!
MEHMET MURAT ILDAN

For the average user, it's a reminder that software applications can open security holes and that ap...
ED FELTEN

I'm in the middle of the road, it seems vague of unclear way, of where I'm going but no matter what ...
HLONIM

They stand uncertainly underneath immense skies, and everything about them is drowned.
JACK KEROUAC

I heard the Denver and Rio Grande locomotives howling off in to the mountains. I wanted to pursue my...
JACK KEROUAC

I read my copy of On the Road and dug the scenery whizzing past. On the Road is a semi-autobiographi...
CORY DOCTOROW

We don't have details on how to apply for FEMA assistance or how to contact the Red Cross or the Arm...
JAMES HARTMAN

I believe the expectations of the user sometimes dictate either satisfaction or dissatisfaction with...
LARRY OLSON

Remote office consolidation is a business problem that requires a holistic approach. To succeed, ent...
JOE SKORUPA

It allows a lot more flexibility on our operations, ... It will also help decrease the amount of ove...
TOM TAYLOR

He's been working hard on behalf of the residents and he wants to see the site cleaned up completely...
AUDREY JONES

AOL, Microsoft and Yahoo did not violate the privacy of any user by handing over this information. N...
DANNY SULLIVAN

Early versions of the infrastructure is either in place or being put in place. It's not inconceivabl...
JAIME PUNISHILL

In addition to extensive non-captive end user financing experience, we have specialists that are foc...
LEE KERMODE

Disney will promote IE (and no other browser) as the client browser software of choice for users of ...
WALT DISNEY

They're concentrating more on international routes, they've restructured their domestic operations a...
DOUGLAS BAIRD

If we want users to like our software, we should design it to behave like a likeable person.
ALAN COOPER

This is a purposeful device to help businesses manage data. And if a catastrophe strikes, there's pe...
JOHN WILLIAMS

AJAX in particular is an important addition to Creator, because it allows for the generated Web appl...
STEPHEN O'GRADY

I am walking a fine line, but I am doing it very carefully because I am not disclosing actual vulner...
TOM FERRIS

We think this is the first actual non-IE browser to be included on any [Windows] PC since the 1990s.
ANDREW WEINSTEIN

Mobile forced us to rethink the user experience and do something people would be able to carry out o...
LOGAN GREEN

The whole concept of user design changes dramatically when you're dealing with this kind of environm...
GISELE BENNETT

How TO Retrieve Debts Without Rancour; Dear Sir/madam, I know you are not a bad debtor as people thi...
DAVID ATTA (A.K.A DAVIED ATTLARS & MR DAIN)

An intelligent grid would provide us with on-demand data and information that would enhance service ...
DON CORTEZ

The explosion of online video ... has heightened the need for an effective, user-friendly search eng...
ALEX LAATS

This specific flaw was reported to Oracle on the 19th of February 2006.
DAVID LITCHFIELD

The only people who are restricted from bidding on this are Congressman Cunningham or anyone acting ...
BRITNEY SHEEHAN

This is not just an IT thing. There is an IT component of it in managing the data, moving and transf...
CLIFF LONGMAN

Web sites get hacked so frequently, probably 50 a day, and if a hacker breaks into a Web site, they ...
CHRIS ROULAND

That's not how national security works... I don't care what the Supreme Court said 30 years ...
MARK LEVIN

I don’t want my thoughts to die with me, I want to have done something. I’m not interested in po...
TEMPLE GRANDIN

The current management regime allows for degradation of soil, water and vegetation on national fores...
BOB EKEY

Windows Updates have sometimes been a pain point for users. The update pop-ups can interrupt a movie...
BEN PARR

People who use Novell on Linux really like it. We are starting to see acceptance of this combination...
EDWARD CORRADO

Women have their own strengths, like fashion. In technology, we can contribute in a big way in terms...
WEILI DAI

We need more data on the economic and environmental feasibility of going forward with a business par...
GREG KESSLER

Adelbert deserves this much. This venture is by the people of St Philip but it is also on behalf of ...
TREVOR ALLEYNE

Proponents of the bill want to make sure there's an opportunity for intelligent design or creationis...
CAROL LEAR

Reason cannot calm the storm of emotion, and emotion usually wins, until it settles down and allows ...
HAMZA YUSUF

On behalf of the Government and people of India and on my own behalf, I would like to convey to you ...
ABDUL KALAM

This is where the world is going: direct access from anywhere to any type of data, whether it's ...
HASSO PLATTNER

Looking at past data and previous mergers, typically you do find an increase in customer satisfactio...
KIRK PARSONS

We also would like to express our gratitude to the police and to the private citizens who helped to ...
JOSH TAYLOR

Banks have been careful not to put too much on the end-user. Look at PIN codes. We had four digits. ...
JOHN PIRONTI

Brain researchers estimate that your unconscious data base outweighs the conscious on an order excee...
MICHAEL J. GELB

We are hoping in Windows Vista to dramatically drive this number down so most tasks that users need ...
BRAD GOLDBERG