Bugtraq mailing list archives
Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
From: Philip Stoev <philip () EINET BG>
Date: Wed, 20 Sep 2000 11:27:27 +0300
----- Original Message ----- From: "Francis Favorini" <francis.favorini () DUKE EDU>
Of course the above does not protect against a user being tricked into opening a document from a share under the attacker's control somewhere out on the Internet. "Standard firewall practices" blocking incoming and outgoing NBT/CIFS/SMB should take care of that. ;-)
Hey, what about Web Folders? AFAIK, those go through vanilla HTTP and it is not easy to block them all. Imagine the attacker presents himself as a free-web-folder-space provider. The user mounts the remote web folder on his system and you may get the same scenario as with an ordinary SMB share. Anyone able to test?
I always set up Temp directories to not allow Executing files
Again, this breaks Microsoft Setups, as well as other installs out there. Philip
Current thread:
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases, (continued)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases John Lange (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorermay execute arbitrary programs in some cases Crist Clark (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Chip Andrews (Sep 20)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Matthew Dharm (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases aleph (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Milan Kopacka (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases van der Kooij, Hugo (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Todd Ransom (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Francis Favorini (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Philip Stoev (Sep 20)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Jesper M. Johansson (Sep 21)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Philip Stoev (Sep 20)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases John Wiltshire (Sep 20)