FW: Re: not confirmed but i wonder what this would do

[itm () itmo dyndns org]

forwarding his to vuln-dev like i was told. 

> I havent tested this but i wonder if this could be used as a DoS attack:
>
> 1.embed a string to a cookie which matches with some virus string (like that
> example virus-detector string, cant remember its name)
>
> 2.browser usually saves the cookie straight into a file
>
> 3.anti-virus program finds out that there is a virus in the file since it
> matches the string, and quarantines /deletes the file and pops up a dialog
>
> 4. what then? IE dies since it cant access the cookie file? user is very
> confused? browsing is halted atleast? will the antivirus program intercept the
> attack from the http response already or will it get into the file and cause
> this effect? what can you do to prevent stuff like this? naturally disable
> cookies or not browse the site but..
>
> gotta test this but now i havent got the time.
>
>
> Markus Mikkolainen