Re: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

["Astalavista Security Group | Ivan Schmid" <ivan.schmid () schweiz org>]

confirmed working on
==========
German Windows2000 5.00.2195
German IE 6.00.2462.2195
OE6 6.00.2462.0000

With Interscan
==========
Sender, InterScan has detected virus(es)
( EMail_Flaw_MIME_Tag_Overflow ) in your e-mail attachment. (file:
suspicious long filename tag)


Ivan Schmid
----
Network Security Engineer
Astalavista Group, http://www.astalavista.NET




> confirmed working on
>
> English Win98SE 4.10.2222 A
> IE6 6.0.2600.0000 (i like the 2600 part)
> OE6  6.0.2600.0000
>
> all 98 hitfixes applied, fresh IE6 install.
>
> A side note, i installed IE6 and deselected a few things like VBscript and
> media player. Doing my usual surfing up came dialogs that i 'had to
> iunstall
> vbscripting and media player' all the time... so in the end i just went
> with
> it. Thats kinda stupid aint it? the pages i frequent worked fine without
> these add-ons earlier, but with IE6 no go.
>
> too bad..
>
>
>
> ----- Original Message -----
> From: <http-equiv () excite com>
> To: <Vuln-Dev () securityfocus com>
> Sent: Saturday, September 01, 2001 9:37 PM
> Subject: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER
>
>
> > working demo:
> >
> > harmless *.exe. Ensure OE6 is default in that the new security feature
is
> > not enabled.
> >
> > http://www.malware.com/bang.zip
> >
> > Thanks.
> >
> > we'd appreciate some feedback before we submit to BT.
> >
> > Does it work on all OS's if you accept 'open file' or do the various
OS's
> > incorporate additional safeguards.
> >
> >
> > ---
> > http://www.malware.com
> >
> >
> >
> >
> >
> > _______________________________________________________
> > Send a cool gift with your E-Card
> > http://www.bluemountain.com/giftcenter/