Vulnerability Development mailing list archives
RE: Admin.dll (strings ./Admin.dll)
From: Isherwood Jeff C Contr AFRL/IFOSS <Jeffrey.Isherwood () rl af mil>
Date: Tue, 18 Sep 2001 18:17:20 -0400
We have al Java in email (outlook) disabled, but when we open the emails (or even preview them) they automaticaly launch (and of course try default media player for wav files cause of the associateion to wav-x). What I can't figure out is how is that java directed auto launch causing the attachment to automaticlly launch? I've double & triple checked my test platform, Java scripting is disabled. -----Original Message----- From: Robert D. [mailto:xkill () dingoblue net au] Sent: Tuesday, September 18, 2001 3:51 PM To: w1re p4ir Cc: incidents () securityfocus com; vuln-dev () securityfocus com Subject: Re: Admin.dll (strings ./Admin.dll)
Here's where it inserts the javascript to open the evil readme.eml mime
Buffer overflow. I'm I correct assuming this is the same problem discussed in MS00-043? In that case the following configurations are safe: IE 5.01 SP1 or later IE 5.5 or later ( except Windows 2000, sp1 safe?? )
Current thread:
- Admin.dll (strings ./Admin.dll) w1re p4ir (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) Robert D. (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) Gary Flynn (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) Gary Flynn (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) TJ Jablonowski (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) Gary Flynn (Sep 18)
- <Possible follow-ups>
- RE: Admin.dll (strings ./Admin.dll) Isherwood Jeff C Contr AFRL/IFOSS (Sep 18)
- Re: Admin.dll (strings ./Admin.dll) Robert D. (Sep 18)