Even though Windows Media Player is not something generally used to render images, it has the capability of doing that. It's not difficult to create a Web page that uses Windows Media Player to display an image instead of the default application. I think it's a ripe target for exploitation if we see public exploit code for it.
More Quotes from Michael Sutton:
Many of our most valuable contributors consistently identify significant vulnerabilities that may never make the front page, but both avert major exploitation and secure considerable compensation through our rewards program.Michael Sutton
There is some irony there.
Michael Sutton
This is relatively easy to exploit. It takes some degree of social engineering -- the attacker would have to draw people to a malicious Web site -- but after that, there's no further intervention required. An attacker could leverage this to write to a file on the hard drive. And once you can write to a person's machine, you have full control.
Michael Sutton
The only model that makes no sense to me is the altruistic model. The vendor wants the researcher to do his code review for free and that doesn't quite fly. They are profiting from the vulnerability information but they don't want to pay for it.
Michael Sutton
The attraction is that we are not bogged down in tremendous bureaucracies and processes that make it difficult to get the transactions done.
Michael Sutton
Readers Who Like This Quotation Also Like:
Things are worth what they will fetch at a sale.Edward Coke
Is encouragement what the poet needs? Open question. Maybe he needs discouragement. In fact, quite a few of them need more discouragement, the most discouragement possible.
Robert Fitzgerald
The merit of a democratic regime rests on one's continual willingness to exchange views, and to compete on the basis of individual merit and capacities.
Jose Eduardo Dos Santos