Vulnerability Development mailing list archives
Re: Outlook/HTML "proggie"
From: mrousseau () LABCAL COM (Maxime Rousseau)
Date: Wed, 31 May 2000 10:34:40 -0400
! -----Original Message----- ! From: VULN-DEV (kiss the sun and walk on air) ! Sent: Wednesday, May 31, 2000 7:35 AM ! ! My guess was the "Scripting" object, or SCRRUN.DLL. Thats ! the DLL that ! contains the FileSystemObject classes and its subordinates that the ! recent rash of VBS scripts have been using to access the disk. ! -pete I would be very very VERY surprised if a script within the HTML of an eMail would be able to access the FileSystemObject. Saying this means every eMail/website is able to read/write/delete all of your files at will. I think you are confusing the ILY kind of viruses where the users actually double-click a .vbs file, giving it their permission to run in the Computer context and not in an internet context. I also really doublt its a screen saver :) Unless they made an ActiveX/COM interface on screensavers while i was looking the other way? The best guess would be to assume he used one of the old objects overflows and that his post was nothing but an empty brag without substance or new technical material of interest. As Thierry pointed out, this might be the BadBlood thing or the BubbleBoy virus too. If this is something new I'm still very interested in knowing what is that SCR object he used. M.
Current thread:
- Re: Outlook/HTML "proggie" Maxime Rousseau (May 29)
- Re: Outlook/HTML "proggie" Su Wadlow (May 29)
- Re: Outlook/HTML "proggie" kiss the sun and walk on air (May 31)
- <Possible follow-ups>
- Re: Outlook/HTML "proggie" Maxime Rousseau (May 31)
- Re: Outlook/HTML "proggie" Su Wadlow (May 29)