Bugtraq mailing list archives
Re: Serious Microsoft File Association Bug
From: Michael Grant <scarab () ACENET CO ZA>
Date: Thu, 31 Aug 2000 21:36:31 +0200
Hi, Building on what Jonathan Andrews stated earlier, it's interesting to note: That *any* file being executed from within "explorer" is essentially "scanned", well at least the first few bytes are, to determine the file type - irregardless of what associations are defined. It's especially interesting, to note that even though the file has been scanned and found to be of a different type other that that specified by the association it's still passed (correctly?) to the associated application. This adds an extra dimension to the impact? What if the "scan" is susceptible to a buffer overflow or such? Could even passing harmless text files become a risk? Yours sincerely, Mike Grant. DISCLAIMER: The information in this reply is provided "AS IS" without warranty of any kind. In no event shall I be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Current thread:
- Re: Serious Microsoft File Association Bug Michael R. Batchelor (Sep 01)
- <Possible follow-ups>
- Re: Serious Microsoft File Association Bug Attonbitus Deus (Sep 01)
- Re: Serious Microsoft File Association Bug Jaanus Kase (Sep 01)
- Re: Serious Microsoft File Association Bug Michael Grant (Sep 01)
- Re: Serious Microsoft File Association Bug Smith, Eric V. (Sep 02)