Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases

From: Matthew Dharm <mdharm () ONE-EYED-ALIEN NET>
Date: Mon, 18 Sep 2000 13:00:09 -0700
On Mon, Sep 18, 2000 at 11:58:41AM -0700, Microsoft Security Response Center wrote:

If anyone can devise a compelling exploit scenario for this issue --
one that would allow a malicious user to exploit it without the
user's consent -- we'd be most interested in investigating it.
Regards,


Consider the case of an e-mail program which, like many on the market,
places all attached files in a particular directory, and offers a way to
open these documents from within the message-viewing screen.  These programs
often invoke the same or similar code paths as double-clicking the document
itself.

In this case, the user will see two files -- the document and the dll.
They may believe that they are safe if they simply do not execute the dll.
However, by launching the document they will invoke the code in the dll.
They could even have installed protection against "macro virii" and believe
they are safe from malicious documents.

Matt Dharm

-- 
Matthew Dharm                              Home: mdharm () one-eyed-alien net 

G:  Let me guess, you started on the 'net with AOL, right?
C:  WOW! d00d! U r leet!
                                        -- Greg and Customer 
User Friendly, 2/12/1999

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: