Bugtraq mailing list archives
Re: REFRESH: EUDORA MAIL 5.1.1
From: Doug Monroe <monwel () interhack net>
Date: Thu, 25 Jul 2002 09:59:59 -0400
"http-equiv () excite com" wrote:
Tuesday, July 23, 2002 Trivial silent delivery and installation of an executable on a target computer. This can be accomplished with the default installation of the mail client Eudora 5.1.1: 'allow executables in HTML content' DISABLED 'use Microsoft viewer' ENABLED
[snip]
Working Example:
[snip]
http://www.malware.com/boodora.txt Notes: disable 'use Microsoft viewer'
A Eudora expert I am not, but I suppose one could also change HKCU/software/qualcomm/eudora/launchmanager/path#2 from "c:\windows\application data\qualcomm\eudora\embedded" or "c:\program files\qualcomm\eudora pro\embedded" to some other, non-default folder name. New folder must exist before running eudora again. And... add mhtml to "WarnExtentions#X" key values?
Current thread:
- REFRESH: EUDORA MAIL 5.1.1 http-equiv () excite com (Jul 24)
- Re: REFRESH: EUDORA MAIL 5.1.1 Doug Monroe (Jul 25)
- UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1 http-equiv () excite com (Jul 25)
- Re: UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1 Jeff Kell (Jul 25)
- Re: UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1 Nick FitzGerald (Jul 26)
- Re: [Full-Disclosure] Re: UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1 http-equiv () excite com (Jul 26)
- UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1 http-equiv () excite com (Jul 25)
- Re: REFRESH: EUDORA MAIL 5.1.1 Doug Monroe (Jul 25)