Bugtraq mailing list archives

Re: Reappearance of an old IE security bug

From: vlad () SANDY RU (Vladimir Dubrovin)
Date: Mon, 17 Apr 2000 14:56:36 +0400


Hello Ben Mesander,

I cann't confirm this bug.

17.04.00 3:09, you wrote: Reappearance of an old IE security bug;

B> I have found a way to have a Java applet open a connection to an arbitrary
B> host and violate the Java security model in Internet Explorer 5. This is a bug
B> I first discovered in 1997, and Microsoft fixed it then. It seems to
B> have reappeared in the latest IE 5.

Under  MSIE 5.01 (5.00.2919.6307) WinNT 4.0/SP6a, Java Security is set
to "high" applet generates security exception.

B> This vulnerability allows malicious websites to download a java applet to
B> a user's desktop, and use the desktop to send content from sites inside a
B> firewall to the malicious webserver or another host.

B> http://www.hungry.com/~ben/msie_bug/

B> --Ben

  +=-=-=-=-=-=-=-=-=+
  |Vladimir Dubrovin|
  | Sandy Info, ISP |
  +=-=-=-=-=-=-=-=-=+

Current thread:

Re: Back Door in Commercial Shopping Cart, (continued)
- Re: Back Door in Commercial Shopping Cart Pete Holsberg (Apr 13)
- Re: Back Door in Commercial Shopping Cart Anik (Apr 13)
- more problems with that POS dansie cart software! tombow (Apr 14)
  - Re: more problems with that POS dansie cart software! Randy Janinda (Apr 14)
  - nmh-1.0.4 released Dan Harkless (Apr 14)
  - xfs Michal Zalewski (Apr 16)
  - StarOffice 5.1 Michal Zalewski (Apr 16)
  - XFree86 server overflow Michal Zalewski (Apr 16)
    - XFree86 server overflow - exploit issues Michal Zalewski (Apr 16)
    - Reappearance of an old IE security bug Ben Mesander (Apr 16)
    - Re: Reappearance of an old IE security bug Vladimir Dubrovin (Apr 17)
    - Announcing: Solaris Fingerprint Database (sfpDB) on SunSolve Casper Dik (Apr 17)
    - Re: XFree86 server overflow Olaf Kirch (Apr 17)
    - Re: XFree86 server overflow Valentin Pavlov (Apr 17)
    - Microsoft Security Bulletin (MS00-025) Microsoft Product Security (Apr 17)
    - Re: XFree86 server overflow Paweł Sakowski (Apr 17)
    - RAZOR Analysis of dvwssr.dll Simple Nomad (Apr 17)
    - response to the bugtraq report of buffer overruns in imapd LIST command Mark Crispin (Apr 17)
    - Re: response to the bugtraq report of buffer overruns in imapd LIST command Theo de Raadt (Apr 17)
    - Re: response to the bugtraq report of buffer overruns in imapd LIST command Mark Crispin (Apr 17)
    - Re: response to the bugtraq report of buffer overruns in imapd LIST command R. C. Dowdeswell (Apr 17)

(Thread continues...)