Re: Outlook/HTML "proggie"

[spepper () WLU CA (Shelagh Pepper)]

A script within the body of an email CAN access the FileSystemObject if the
Scripting host is available. I will send a sample separately. Most of the
code in my sample is directly lifted from the Microsoft Scripting samples
on their website.

Shelagh

At 10:34 AM 5/31/00 -0400, you wrote:
> !  -----Original Message-----
> !  From: VULN-DEV (kiss the sun and walk on air)
> !  Sent: Wednesday, May 31, 2000 7:35 AM
> !
> !  My guess was the "Scripting" object, or SCRRUN.DLL. Thats
> !  the DLL that
> !  contains the FileSystemObject classes and its subordinates that the
> !  recent rash of VBS scripts have been using to access the disk.
> !  -pete
>
> I would be very very VERY surprised if a script within the HTML of an
> eMail would be able to access the FileSystemObject. Saying this means
> every eMail/website is able to read/write/delete all of your files at
> will. I think you are confusing the ILY kind of viruses where the users
> actually double-click a .vbs file, giving it their permission to run in
> the Computer context and not in an internet context.
>
> I also really doublt its a screen saver :) Unless they made an
> ActiveX/COM interface on screensavers while i was looking the other way?
>
> The best guess would be to assume he used one of the old objects
> overflows and that his post was nothing but an empty brag without
> substance or new technical material of interest. As Thierry pointed out,
> this might be the BadBlood thing or the BubbleBoy virus too.
>
> If this is something new I'm still very interested in knowing what is
> that SCR object he used.
>
>
> M.

Shelagh Pepper                          (519) 884-0710 x3939
Multimedia Coordinator                  (519) 884-1970 x3939
Computing and Communication Services    (519) 884-1279 FAX
Wilfrid Laurier University                      spepper () wlu ca
Waterloo, Ontario, N2L 3C5                      webmaster () wlu ca