Bugtraq mailing list archives
Re: IE5 allows executing programs
From: griffinb () HOTKEY NET AU (Brad Griffin)
Date: Fri, 3 Sep 1999 11:19:10 +1000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all. I recently posted extracts from George Guninski's original post about this issue and an extract from Sysadmin's post (both with the code samples) in an e-mail to another list to inform some of 'the masses'. I received a personal e-mail from one of the people on that list describing the following: " I use Eudora Pro and have IE 5 as the default mail viewer (as is the default Install) and you crashed Eudora (NT not logged in as Administrator). I had to disable IE 5 as the default viewer to see the mail..." I assume this would have been caused by the mail reader attempting to execute all four fragments of code. Date sent: Wed, 1 Sep 1999 09:59:45 -0700 Send reply to: David LeBlanc <dleblanc () MINDSPRING COM> From: David LeBlanc <dleblanc () MINDSPRING COM> Subject: Re: IE5 allows executing programs Originally to: SysAdmin <SysAdmin () SASSPRODUCTIONS COM>, BUGTRAQ () SECURITYFOCUS COM To: BUGTRAQ () SECURITYFOCUS COM
Now for the detailed response... At 09:16 PM 8/30/99 -0400, SysAdmin wrote:ANY Windows 98 file can be overwritten.
*snip*
YOU CAN GET THE USER TO EXECUTE ARBITRARY CODE. Period. End of story. What you do with that code is up to you. There is no need to delve into the details of just how you steal the lunch money from the end users.
*even biggersnip* -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.1 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBN86VbgiK90dv14WBEQJ1ggCeOsY1DUXNIwKMaVgTOxHnMYSlg5gAoL1z Bns0JeGvBg6AOy5x3HkOIoO0 =IOcI -----END PGP SIGNATURE----- Brad Griffin 2nd yr B.Infotech CQU Rockhampton Australia (Translation: Does not require sleep) http://www.cai.com/antivirus/personal/ FREE anti-virus software http://www.avp.com Not free, but about the best around *****************************
Current thread:
- Re: IE5 allows executing programs David LeBlanc (Aug 30)
- <Possible follow-ups>
- Re: IE5 allows executing programs SysAdmin (Aug 30)
- Re: IE5 allows executing programs Jim Frost (Sep 01)
- Re: IE5 allows executing programs David LeBlanc (Sep 01)
- Re: IE5 allows executing programs Brad Griffin (Sep 02)
- Re: IE5 allows executing programs David LeBlanc (Sep 07)
- re, anti btrom Martin Markovitz (Sep 08)
- Re: IE5 allows executing programs Paul L Schmehl (Sep 08)
- SDI AMD remote exploit for RH linux Thiago (Sep 02)
- Re: IE5 allows executing programs J MacCraw (Sep 07)
- Re: IE5 allows executing programs Jesper M. Johansson (Sep 08)
- Re: IE5 allows executing programs SysAdmin (Sep 08)
- Re: IE5 allows executing programs Haxor, Wikit (Sep 16)