Bugtraq mailing list archives

Re: IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000.

From: Ben Greenbaum <bgreenbaum () SECURITYFOCUS COM>
Date: Tue, 15 Aug 2000 18:14:40 -0700

Georgi Guninski security advisory #18, 2000

IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed
thru Microsoft Networking. Also local Administrator compromise at least
on default Windows 2000.

Systems affected:
For remote file execution: IE 5.5,5.x/Windows 98, the files must be
accessible thru Microsoft Networking.
For local Administrator compromise on Windows 2000: default Windows 2000
installation, I have not tested with IE 5.5 installed, but believe to
work


Replicated on Windows 2000 with IE 5.5

Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com

Current thread:

IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000. Georgi Guninski (Aug 15)
- <Possible follow-ups>
- Re: IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000. Ben Greenbaum (Aug 16)