Bugtraq mailing list archives
RE: MSIE vulnerability exploitable with IncrediMail
From: Joachim Thuau <JThuau () thq com>
Date: Mon, 18 Mar 2002 16:00:08 -0800
There is an options under Tools/Options/Attachements which allow a user to specify the directory for an attachement. check http://www.eudora.com/download/eudora/windows/5.1/full_elec/Manual51.pdf page 229 - 230 --8<--[quote]--8<-- Attachment directory - This specifies what directory will receive incoming attachments. To specify a folder, single-click the folder name button. A dialog box appears prompting you to select a folder. The default folder is the Attach sub-folder of your Eudora Pro folder. --8<--[quote]--8<-- I beleive this option was already in place in 3.x,4.x and 5.x as well as an option to set the "delete attachement when emptying trash". (which might not work, from what you are saying). My $.02 -----Original Message----- From: RT [mailto:roelof () sensepost com] Sent: Friday, March 15, 2002 4:59 PM To: Thor Larholm Cc: 'Eric Detoisien'; bugtraq () securityfocus com Subject: RE: MSIE vulnerability exploitable with IncrediMail Immm... Eudora Mail .. automatically saves attachments in <drive>:\program files\qualcomm\eudora\attachments .. right? The (very old) version (4.1) that I have sure does that. And even if you delete the email itself (after opening), or right click on the file and selecting delete - the file stays. So, you just need to get the file in there and have the user visit a corrupted web .. and hey.. presto! Just my 2c on this, Roelof. On Fri, 15 Mar 2002, Thor Larholm wrote: +Isn't {42D00B20-479C-11d4-9706-00105A40931C} a GUID for your user account, +and as such unknown from time to time, making the proposed exploit +unfeasable ? + + +Regards +Thor Larholm +Jubii A/S - Internet Programmer + + ------------------------------------------------------ Roelof W Temmingh SensePost IT security roelof () sensepost com +27 83 448 6996 http://www.sensepost.com http://www.hackrack.com
Current thread:
- MSIE vulnerability exploitable with IncrediMail Eric Detoisien (Mar 15)
- MSIE vulnerability exploitable with Eudora (was: IncrediMail) Magnus Bodin (Mar 18)
- <Possible follow-ups>
- RE: MSIE vulnerability exploitable with IncrediMail Thor Larholm (Mar 15)
- RE: MSIE vulnerability exploitable with IncrediMail Eric Detoisien (Mar 16)
- RE: MSIE vulnerability exploitable with IncrediMail Thor Larholm (Mar 18)
- RE: MSIE vulnerability exploitable with IncrediMail Joachim Thuau (Mar 19)