Full Disclosure mailing list archives

Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype


From: "Gregory Rubin" <grrubin () gmail com>
Date: Tue, 9 Oct 2007 13:41:29 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://support.microsoft.com/kb/224816 <= Use ShellExecute to launch
the default Web browser

I agree that we need sanity checking on the applications accepting the
input, but the fact remains that ShellExecute is doing dangerous
things based on bad input.  Both application developers and Microsoft
should work on fixing this.

Greg Rubin
grrubin () gmail com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0

iD8DBQFHC+de5KDU23nQpRcRAoNKAJ9TvOiL16hKjTV2oYsDJtOazcZEMwCfYv/C
+g7WwL6VKCyRc9a5doKbdAg=
=UdN+
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

