10 replies to this topic

[ShadowLink64]

Hello everyone,

Just letting you know that the board has been patched for an exploit that IPS discovered in IPB 2.2.x forums.

More details can be seen here: http://forums.invisi...howtopic=234377

Apparently it had to do with uploads and a flaw in Internet Explorer that can allow for the browser to accidentally mistaken infected images as HTML and execute bad Javascript code.

[Tetiel]

*hugs my firefox*

[Icey Defeat]

It used the phrase possible, meaning no repored cases? Cool anywho xD

[ShadowLink64]

It used the phrase possible, meaning no repored cases? Cool anywho xD

Oh, yeah... I'm not sure if there are any reported cases, but they patched it anyways.

[Jenna]

well, thank you for the maintence incase

[Black Flame]

Sweet job, SL

*hugs my firefox*

Edited by Black Flame, 27 April 2007 - 04:07 AM.

[Eeyore]

*hugs my firefox*

[dolphinbomb]

*hugs my Opera*

[nox]

*hugs my Opera*

opera sux

i really wonder if it would have been better if they just silently released a patch, that way it'd be fixed & hackers who had no idea about this exploit wouldn't be able to abuse it on older / forums that haven't updated yet

[Tetiel]

opera sux

i really wonder if it would have been better if they just silently released a patch, that way it'd be fixed & hackers who had no idea about this exploit wouldn't be able to abuse it on older / forums that haven't updated yet

You know you really do have a point there... :\

[Hydrogen]

I think they realize that but realize it is better to tell the users what they are patching. They don't give out enough information to actually have a working hack and so a person would need to do some research before that and if they are able to find it through that, they could have found it probably even without it