curl: no_proxy IDN mismatch: Unicode hostnames bypass proxy exclusion list

Summary Unicode IDN hostnames in noproxy are never converted to punycode before comparison, so they never match the request hostname which curl has already converted to punycode. A user who types noproxy="bücher.de" and requests http://bücher.de/ expects the proxy to be bypassed. Instead curl...

Internet Explorer wininet.dll URL parsing memory corruption details

Vendor: Microsoft Software: Internet Explorer 6.0, 5.5, 5.01 Problem: Memory corruption, code execution Remote: Yes Risk Level: Medium to low hard to exploit Authors: Axle ICQ 755756 bug discovery 3APA3A, http://www.security.nnov.ru/ bug research Original URL:...