Vulnerability Development mailing list archives

Re: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

From: "svend ladefoged" <kain () mongol dk>
Date: Sat, 1 Sep 2001 22:03:32 +0200

confirmed working on

English Win98SE 4.10.2222 A
IE6 6.0.2600.0000 (i like the 2600 part)
OE6  6.0.2600.0000

all 98 hitfixes applied, fresh IE6 install.

A side note, i installed IE6 and deselected a few things like VBscript and
media player. Doing my usual surfing up came dialogs that i 'had to iunstall
vbscripting and media player' all the time... so in the end i just went with
it. Thats kinda stupid aint it? the pages i frequent worked fine without
these add-ons earlier, but with IE6 no go.

too bad..



----- Original Message -----
From: <http-equiv () excite com>
To: <Vuln-Dev () securityfocus com>
Sent: Saturday, September 01, 2001 9:37 PM
Subject: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

working demo:

harmless *.exe. Ensure OE6 is default in that the new security feature is
not enabled.

http://www.malware.com/bang.zip

Thanks.

we'd appreciate some feedback before we submit to BT.

Does it work on all OS's if you accept 'open file' or do the various OS's
incorporate additional safeguards.


---
http://www.malware.com





_______________________________________________________
Send a cool gift with your E-Card
http://www.bluemountain.com/giftcenter/

Current thread:

OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER http-equiv () excite com (Sep 01)
- Re: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER svend ladefoged (Sep 01)
- <Possible follow-ups>
- Re: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER Mark Kennedy (Sep 04)
  - Re: OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER Astalavista Security Group | Ivan Schmid (Sep 04)