Full Disclosure mailing list archives
Re: Outlook Express Attachment Property Spoofing Vulnerabilities
From: full-disclosure () lists netsys com (Jack)
Date: Sat, 20 Jul 2002 15:22:40 -0000
It's in the archives. They can't be bothered. More important and serious concerns to attend to. As far as they are concerned, as long as there is "a warning" dialogue, it is up to the user to accept or not accept. They as the vendor have done there job as long as there is warning. Thereafter, tough luck to you if you get snagged. Strange philosophy. ----- Original Message ----- From: Roland Postle To: full-disclosure () lists netsys com Sent: Saturday, July 20, 2002 11:06 AM Subject: Re: [Full-disclosure] Re: Outlook Express Attachment Property Spoofing Vulnerabilities So why hasn't MS fixed them then? Will it take a big email virus, and more mass hysteria, before they do? Personally I get sent a lot of virus and rely on knowing the extension. They frequently use the spaces before extension vulnerability (so I'll get somthing like 'hello.mp3 .scr') but I always notice these before opening them anyway. However, combined with the other vulnerabilities you mention I could probably be tricked into opening a virus. God help the clueless people. - Blazde ----- Original Message ----- From: "Jack" <jack () malware com> To: <news () securiteam com>; <bugtraq () securityfocus com>; <full-disclosure () lists netsys com> Cc: <mattmurphy () kc rr com> Sent: Saturday, July 20, 2002 2:27 PM Subject: [Full-disclosure] Re: Outlook Express Attachment Property Spoofing Vulnerabilities
Dude, they are all two years old: http://www.securityfocus.com/bid/2260 http://www.securityfocus.com/bid/3271
_______________________________________________ Full-Disclosure - We believe in it. Full-Disclosure () lists netsys com http://lists.netsys.com/mailman/listinfo/full-disclosure
Current thread:
- Outlook Express Attachment Property Spoofing Vulnerabilities Matthew Murphy (Jul 19)
- Outlook Express Attachment Property Spoofing Vulnerabilities Thor Larholm (Jul 20)
- <Possible follow-ups>
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Jack (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Roland Postle (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Matthew Murphy (Jul 20)
- Re: Outlook Express Attachment Property Spoofing Vulnerabilities Jack (Jul 20)