Full Disclosure mailing list archives
Re: ADODB.Stream object
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 27 Aug 2003 14:20:35 +1200
jelmer <jkuperus () planet nl> wrote:

<<snip interesting stuff>>

> I don't think it in itself can not be considered a security vulnerability as it only works when the file containing the code is present on a user's hard disk, though html files are generally considered trusted and you can probably trick some people into opening an html file by sending it to them through msn messenger or whatever. It can most likely be used to leverage other vulnerabilities, for instance many programs download information to predictable locations from where you might invoke it.
I do not see this as much of an issue/problem for widespread exploitation of this. Recall the (modest) "success" of the MindJail virus, and the ongoing success of Mijail (which is by far the most prevalent mass-mailing virus this month if you ignore the Sobig.F freak). Both of these viruses exploited a "My Computer" zone-only IE vulnerability, depending on the typical handling of files from inside archives being placed into %TEMP% despite their source archives clearly being handled in the TIF. Of course, MS (and thus IE) cannot manage third-party programs' handling of files passed out of IE's security zones...

--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ADODB.Stream object jelmer (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Stephen Clowater (Aug 26)
- RE: ADODB.Stream object Nick FitzGerald (Aug 26)
- RE: ADODB.Stream object Richard M. Smith (Aug 26)
- Re: ADODB.Stream object Thor Larholm (Aug 26)
- Re: ADODB.Stream object Nick FitzGerald (Aug 26)
- Re: ADODB.Stream object jelmer (Aug 27)
- Re: ADODB.Stream object Nick FitzGerald (Aug 27)
- Re: ADODB.Stream object jelmer (Aug 27)