Vulnerability Development mailing list archives
Re: Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP)
From: simont () WESTEL900 HU (Simon Tamás)
Date: Mon, 13 Mar 2000 09:32:19 +0100
Hi!

So I might be able to put some malicious HTML code in my vcard?
Be careful next time :-)

S.T.

Mikael Olsson wrote:

Speaking of software doing unwanted automatic processing, I just saw one member of this list do something I didn't think was possible. See this vcard attachment:

Content-Type: text/x-vcard; charset=iso-8859-2; name="simont.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Simon Tamás
Content-Disposition: attachment; filename="simont.vcf"

begin:vcard
n:Simon;Tamás
tel;cell:3630305510
x-mozilla-html:TRUE
url:www.westel900.hu
org:<IMG SRC="http://users.westel900.net/amk/images/wlogo.gif">;Special Project
adr:;;Kaposvár str. 5-7;Budapest;;1117;Hungary
version:2.1
email;internet:simont () westel900 hu
title:www sw engineer
x-mozilla-cpt:;-1
fn:Simon Tamás
end:vcard

Look at the IMG SRC tag. Why is my nutscrape parsing the vcard contents as HTML? Is this intended behaviour?

I had the idea a while back to implement a mail filter that kills anything looking like HTML (ie stripping all tags from text/html mime sections), but this example shows me the futility of that effort.

Ack.

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50
Fax: +46 (0)660 122 50
Mobile: +46 (0)70 66 77 636
WWW: http://www.enternet.se
E-mail: mikael.olsson () enternet se
text/x-vcard attachment: Card for Simon Tamás
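Added example, not part of the original messages or either poster's code: a Python check that walks every MIME part and flags HTML tags inside vCard attachments, the case a filter limited to text/html sections would miss. The sample message, the host logo.example and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Matches an opening or closing HTML tag such as <IMG SRC="..."> or </b>.
TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z][A-Za-z0-9]*\b[^>]*>")
VCARD_TYPES = {"text/x-vcard", "text/vcard", "text/directory"}

# Constructed sample message (not real mail); logo.example is a placeholder.
SAMPLE = """\
From: sender@example.org
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain; charset=us-ascii

Hi!
--XX
Content-Type: text/x-vcard; name="card.vcf"
Content-Disposition: attachment; filename="card.vcf"

begin:vcard
x-mozilla-html:TRUE
org:<IMG SRC="http://logo.example/w.gif">;Special Project
fn:Jane Doe
end:vcard
--XX--
"""

def scan_vcard(text):
    """Return (html_flag, [(property, value), ...]) for one vCard body."""
    html_flag, hits = False, []
    for line in text.splitlines():
        name, _, value = line.partition(":")
        prop = name.split(";")[0].strip().lower()  # drop ;type parameters
        if prop == "x-mozilla-html" and value.strip().upper() == "TRUE":
            html_flag = True  # sender asks the client to render HTML
        if TAG_RE.search(value):
            hits.append((prop, value.strip()))
    return html_flag, hits

def find_markup_in_vcards(raw_message):
    """Flag vCard parts whose property values carry HTML tags."""
    findings = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() in VCARD_TYPES:
            # Assumption: latin-1 decoding, which never fails on any byte.
            text = (part.get_payload(decode=True) or b"").decode("latin-1")
            html_flag, hits = scan_vcard(text)
            if hits:
                findings.append({"filename": part.get_filename(),
                                 "html_flag": html_flag, "properties": hits})
    return findings
```

A filter built on this can drop or rewrite the flagged properties before delivery instead of relying on the declared Content-Type of the part.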