Full Disclosure mailing list archives
Re: ADODB.Stream object
From: "Thor Larholm" <lists.netsys.com () jscript dk>
Date: Tue, 26 Aug 2003 20:42:19 +0200
From: "Richard M. Smith" <rms () computerbytesman com> Agreed. However, I would go one step further. I don't think that the typical user has a need for HTML Applications and Windows Scripting Host. Both of these features along with their associated ActiveX controls should be disabled by default in Windows XP. They make writing malware too easy.
HTML Applications and the Windows Scripting Host both run on the same level as ordinary executables, and opening them is no different than opening EXE files. Neither are accessible from HTML. ActiveX is, though. Regards Thor Larholm PivX Solutions, LLC - Senior Security Researcher _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ADODB.Stream object jelmer (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Stephen Clowater (Aug 26)
- RE: ADODB.Stream object Nick FitzGerald (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- Re: ADODB.Stream object Nick FitzGerald (Aug 26)
- Re: ADODB.Stream object jelmer (Aug 27)
- Re: ADODB.Stream object Nick FitzGerald (Aug 27)
- Re: ADODB.Stream object jelmer (Aug 27)