Bugtraq mailing list archives

Re: feeble.you!dora.exploit

From: Jeff Beckley <beckley () QUALCOMM COM>
Date: Mon, 19 Mar 2001 14:26:06 -0800

At 01:38 AM 3/18/2001 -0800, http-equiv () excite com wrote:

Silent delivery and installation of an executable on a target computer. No
client input other than opening an email using Eudora 5.02 - Sponsored Mode
provided 'use Microsoft viewer' and 'allow executables in HTML content' are
enabled.


The "Allow executables in HTML content" setting is turned off by
default.  The online help and user manual mention that the setting should
remain off for security reasons.

Current thread:

feeble.you!dora.exploit http-equiv () excite com (Mar 19)
- Re: feeble.you!dora.exploit Jeff Beckley (Mar 20)
- <Possible follow-ups>
- Re: feeble.you!dora.exploit http-equiv () excite com (Mar 21)
- Re: feeble.you!dora.exploit http-equiv () excite com (Mar 21)
  - Re: feeble.you!dora.exploit Jeff Beckley (Mar 22)