Updated:  October 30, 2000

Status

Affected

Vendor Statement

[...] the potential exploit in question can be completely prevented if the user does not click "continue" as stated above. Because of this safety measure, we do not feel an emergency release is necessary. However, we are planning on addressing this in a future release of Communicator, scheduled for release later this year. Additionally, this flaw was fixed in PSM approximately 6 months before [the initial report of the vulnerability].

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.