Outlook 2010: actual characters exposed in password fields of secue dialogs #4095

Closed
nvaccessAuto opened this Issue Apr 28, 2014 · 3 comments

1 participant

@nvaccessAuto

Reported by mdcurran on 2014-04-28 03:04
In password fields in Outlook 2010 when ITextDocument is not available, actual characters are exposed which is obviously a security risk. Standard edit controls have already been protected against, but richEdit controls (no ITextDocument) have not. _getTextRange on the Edit TextInfo.

@nvaccessAuto

Comment 1 by Michael Curran <mick@... on 2014-04-28 03:12
In [a068b28]:
```CommitTicketReference repository="" revision="a068b28ab03d4ab5d30d1eb2aa9e2f4c6d294e7b"
Merge branch 't4095' into next. Incubates #4095

Changes:
Added labels: incubating
@nvaccessAuto

Comment 2 by Michael Curran <mick@... on 2014-06-10 04:33
In [569bf8f]:
```CommitTicketReference repository="" revision="569bf8f0f4555c178e9cf98428526b7bed048f91"
Merge branch 't4095'. Fixes #4095

Changes:
Removed labels: incubating
State: closed
@nvaccessAuto

Comment 3 by mdcurran on 2014-06-10 04:35
Changes:
Milestone changed from next to 2014.3

@nvaccessAuto nvaccessAuto added the bug label Nov 10, 2015
@nvaccessAuto nvaccessAuto added this to the 2014.3 milestone Nov 10, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment