Full Disclosure mailing list archives
Re: Re: HelpCtr - allow open any page or run
From: dlimanov () sct com
Date: Tue, 10 Feb 2004 13:09:51 -0500
Negative on fully patched US version of XP Pro. -Dimitri |---------+--------------------------------------> | | "Richard Maudsley" | | | <r_i_c_h_lists@btopenworld.| | | com> | | | Sent by: | | | full-disclosure-admin@lists| | | .netsys.com | | | | | | | | | 02/10/2006 12:07 PM | | | | |---------+--------------------------------------> >--------------------------------------------------------------------------------------------------------------| | | | To: full-disclosure () lists netsys com | | cc: | | Subject: Re: [Full-disclosure] Re: HelpCtr - allow open any page or run | >--------------------------------------------------------------------------------------------------------------| Nope, me neither. -Rich
List, I couldn't reproduce this on patched XP. Anyone? If so, we'll need YA workaround :(> Erik On 7 Feb 2004 21:49:26 -0000 "Bartosz Kwitkowski" wrote:To: BugTraq Subject: HelpCtr - allow open any page or run Date: Feb 7 2004 9:49PM Author: Bartosz Kwitkowski <bartosz wb pl> Message-ID: <20040207214926.28580.qmail () www securityfocus com> We can use Help Center to open any page or run any file. hcp://services/layout/contentonly?topic=... where ... is a correct URL http:// for page file:/// for run (remember use / (slash) in path e.g.
c:/windows/system32/...
Archives of original message: http://www.securityfocus.com/archive/1/353248 http://seclists.org/lists/bugtraq/2004/Feb/0248.html PS I don't subscribe Bugtraq, just read the web archives _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: HelpCtr - allow open any page or run Erik van Straten (Feb 10)
- Re: Re: HelpCtr - allow open any page or run Richard Maudsley (Feb 10)
- RE: Re: HelpCtr - allow open any page or run Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- Re: Re: HelpCtr - allow open any page or run morning_wood (Feb 13)
- RE: Re: HelpCtr - allow open any page or run Aditya, ALD [Aditya Lalit Deshmukh] (Feb 14)
- RE: Re: HelpCtr - allow open any page or run Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- Microsoft Windows ASN.1 LSASS.EXE Remote Exploit (MS04-007) Stephen (Feb 14)
- Re: Re: HelpCtr - allow open any page or run Richard Maudsley (Feb 10)
- Re: Re: HelpCtr - allow open any page or run Erik van Straten (Feb 10)
- <Possible follow-ups>
- Re: Re: HelpCtr - allow open any page or run dlimanov (Feb 10)
- new security patches posted on Microsoft Exibar (Feb 10)