Bugtraq mailing list archives
Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
From: Chip Andrews <chip () SQLSECURITY COM>
Date: Wed, 20 Sep 2000 09:40:53 -0400
Has anyone explored the possibility of making use of Windows 2000 Private DLLs to solve this issue? For example, the "side-by-side" approach could be used to specify where DLLs for an application are stored to stop the search path. Older applications can be retro-fitted for private DLLs but using the myapp.exe.local file to tell W2K to load DLLs from the directory where the executable exists and not the search path or current directory. Chip ----- Original Message ----- From: "Timothy J. Miller" <cerebus () SACKHEADS ORG> To: <BUGTRAQ () SECURITYFOCUS COM> Sent: Monday, September 18, 2000 4:56 PM Subject: Re: Double clicking on MS Office documents
I suggest that this problem, and subsequent problems of this nature, can be fixed simply by *not* looking in the current directory for required DLLs. -- Cerebus
Current thread:
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Microsoft Security Response Center (Sep 18)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Timothy J. Miller (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases John Lange (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorermay execute arbitrary programs in some cases Crist Clark (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Chip Andrews (Sep 20)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Matthew Dharm (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases aleph (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Milan Kopacka (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases van der Kooij, Hugo (Sep 19)
- <Possible follow-ups>
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Todd Ransom (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Francis Favorini (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases John Wiltshire (Sep 20)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Timothy J. Miller (Sep 19)