Full Disclosure mailing list archives
Re: Outlook Express Attachment Property Spoofing Vulnerabilities
From: full-disclosure () lists netsys com (Roland Postle)
Date: Sat, 20 Jul 2002 16:06:18 +0100
So why hasn't MS fixed them then? Will it take a big email virus, and more mass hysteria, before they do? Personally I get sent a lot of virus and rely on knowing the extension. They frequently use the spaces before extension vulnerability (so I'll get somthing like 'hello.mp3 .scr') but I always notice these before opening them anyway. However, combined with the other vulnerabilities you mention I could probably be tricked into opening a virus. God help the clueless people. - Blazde ----- Original Message ----- From: "Jack" <jack () malware com> To: <news () securiteam com>; <bugtraq () securityfocus com>; <full-disclosure () lists netsys com> Cc: <mattmurphy () kc rr com> Sent: Saturday, July 20, 2002 2:27 PM Subject: [Full-disclosure] Re: Outlook Express Attachment Property Spoofing Vulnerabilities
Dude, they are all two years old: http://www.securityfocus.com/bid/2260 http://www.securityfocus.com/bid/3271
Current thread:
- Outlook Express Attachment Property Spoofing Vulnerabilities Matthew Murphy (Jul 19)
- Outlook Express Attachment Property Spoofing Vulnerabilities Thor Larholm (Jul 20)
- <Possible follow-ups>
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Jack (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Roland Postle (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Matthew Murphy (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Jack (Jul 20)