Vulnerability Development mailing list archives
Re: Outlook HTML VBS (demo)
From: 11a () GMX NET (Bluefish)
Date: Mon, 22 May 2000 21:20:02 +0200
I think so too. I didn't think this was an unknown issue, the first javascript I did was a simple "open a lot of windowses" which I sent to a friend of mine (who I knew to be humorous and wouldn't get angry over it) This behaviour has been netscape default since 3.0 at least, and can obviously be used to rather malicious tricks, like doing a delay and then fool the reciever to type in his "network password" or something. Except for "social engineering", I don't think there's more vulnerabilities into it. Can be disabled in the preferences btw. On Sun, 21 May 2000, Blue Boar wrote:
Heh. Pretty good. Just previewing the note popped the alert. Netscape messenger 4.6. Makes sense I suppose, it's just trying to "display" the HTML. I assume the note is still sandboxed, and can't do anything terribly interesting? (Other than whatever browser holes are in the version used to read it.) Any Javascript experts? Is there a Netscape API for going through the mailbox? BB
..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: Outlook HTML VBS (demo) Masial (May 21)
- Re: Outlook HTML VBS (demo) Jason Brown (May 21)
- Re: Outlook HTML VBS (demo) Blue Boar (May 21)
- Re: Outlook HTML VBS (demo) PCbob - Slobodan miskoviC (May 21)
- Vs: Re: Outlook HTML VBS (demo) Marko Ernvall (May 22)
- Re: Outlook HTML VBS (demo) Bluefish (May 22)
- Re: Outlook HTML VBS (demo) PCbob - Slobodan miskoviC (May 21)
- <Possible follow-ups>
- Re: Outlook HTML VBS (demo) Hull, Dave (May 22)
- Re: Outlook HTML VBS (demo) Hull, Dave (May 22)
- Windows DoS code (jolt2.c) Phonix Monkey (May 25)
- Re: Windows DoS code (jolt2.c) Matthew S. Hallacy (May 27)
- Re: Windows DoS code (jolt2.c) Brian S. DuRoss (May 27)
- Re: Windows DoS code (jolt2.c) Matthew S. Hallacy (May 27)
- Re: Windows DoS code (jolt2.c) Brad Spengler (May 29)
- Windows DoS code (jolt2.c) Phonix Monkey (May 25)
- Re: Windows DoS code (jolt2.c) Mikael Olsson (May 28)