Bugtraq mailing list archives

RE: MSIE vulnerability exploitable with IncrediMail

From: "Eric Detoisien" <eric.detoisien () global-secure fr>
Date: Sat, 16 Mar 2002 01:53:47 +0100

Isn't {42D00B20-479C-11d4-9706-00105A40931C} a GUID for your user account,
and as such unknown from time to time, making the proposed exploit
unfeasable ?


It's a clsid and the number {42D00B20-479C-11d4-9706-00105A40931C} is the same
on default installation of IncrediMail Xe (tested on W2K and W98).


Eric DETOISIEN
GLOBAL SECURE
Web : http://www.global-secure.fr

Current thread:

MSIE vulnerability exploitable with IncrediMail Eric Detoisien (Mar 15)
- MSIE vulnerability exploitable with Eudora (was: IncrediMail) Magnus Bodin (Mar 18)
- <Possible follow-ups>
- RE: MSIE vulnerability exploitable with IncrediMail Thor Larholm (Mar 15)
  - RE: MSIE vulnerability exploitable with IncrediMail RT (Mar 18)
- RE: MSIE vulnerability exploitable with IncrediMail Eric Detoisien (Mar 16)
- RE: MSIE vulnerability exploitable with IncrediMail Thor Larholm (Mar 18)
- RE: MSIE vulnerability exploitable with IncrediMail Joachim Thuau (Mar 19)