Bugtraq mailing list archives
Re: IE5 ActiveX security bug
From: apendleton () VGSINC COM (Adam H. Pendleton)
Date: Tue, 3 Aug 1999 14:34:17 -0400
Assuming that this would apply to non-malicious ActiveX controls, I can not reproduce this condition with IE 5 on Windows NT. I have set the ActiveX setting to "Prompt.." and went to http://www.microsoft.com/mscorp/. The first time, I selected "Yes", and the virtual tour picture activated. I closed IE5, went back to the page, selected no, and it did NOT run. Even going back to the page, I was still prompted, and could not get the control to run again without selecting yes. Perhaps this is a unique case, or a caching issue.

Adam
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you know how to read this, you have too much education.

----- Original Message -----
From: Sami Kuhmonen <feenix () IQS FI>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Sunday, August 01, 1999 2:21 PM
Subject: IE5 ActiveX security bug

There is a severe bug in Internet Explorer 5's security system concerning ActiveX components on web pages.

If you go to a web page that has an evil ActiveX component (for example, the component shuts down Windows) and tell IE to run the component, of course it runs it. After that you know that you do not want to run that component. But what happens when you go to that page later? IE5 asks whether you want to run this component or not. Say no, and it still runs it!

So all it takes is one little mistake to run the component and it will be run every time you go to a page with that component. And think what will happen, if the component doesn't do its damage the first time, but the second time or later. Even if you don't want to run it, it will be run. And it might not even be shown on the screen.

--
Sami Kuhmonen | sami () iqs fi | http://feenix.iqs.fi/
iQs Partners Finland | iqs () iqs fi | http://www.iqs.fi/
!!Web hosting with no setup fee!! | http://www.saitti.net/
* Check out the online store! | http://kauppa.iqs.fi/ *