Bugtraq mailing list archives
Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
From: John Wiltshire <jw () QITS NET AU>
Date: Wed, 20 Sep 2000 09:54:09 +1000
The problem isn't that windows automatically looks in the same path as the executable for libraries (which is what you are saying), but that windows first searches the current directory ('.') for libraries to load. Removing the '.' from the path would solve this problem - there would be no reason not to still search the same directory as the executable which would allow alternate versions of DLLs to be loaded for different applications. John Wiltshire
-----Original Message----- From: John Lange [mailto:lists () DARKCORE NET] Sent: Wednesday, 20 September 2000 5:54 am To: BUGTRAQ () SECURITYFOCUS COM Subject: Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Changing the search path for DLLs would break a good portion of windows apps, especially legacy apps. In my previous life as a windows programmer, often the trick to get some older apps working was to find the older version of some DLL that it was looking for and put it in the same directory as the application so it would load those ones instead of whatever twisted version now exists in the windows/system directory. Thus I think we will be forced to live with this security hole though the OS should be patched so that it never loads DLLs across network devices or at least obeys the security settings of the machine. Funny that I've known this for a very long time but never thought about using it to load trojan DLLs. John Lange
Current thread:
- Re: Double clicking on MS Office documents from Windows Explorermay execute arbitrary programs in some cases, (continued)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Matthew Dharm (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases aleph (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Milan Kopacka (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases van der Kooij, Hugo (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Todd Ransom (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Francis Favorini (Sep 19)
- Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases John Wiltshire (Sep 20)