Full Disclosure mailing list archives
Re: IE exploit runs code from graphics?
From: "Aditya, ALD [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net>
Date: Sat, 26 Jun 2004 11:52:08 +0530
files (.CHM) from some web site, causing the HTML code inside the .CHM to be run in the "My Computer" security zone. Typically (like all but one of _dozens and dozens_ of these I've seen) the "inner" HTML run
this is one of the _dozens and dozens_ reasons to use mozilla on untrusted sites and use ie to access internal websites if they do depend of some ie features but set the default browser to mozilla so that when ever the user cliks something it opens in mozilla
That is hardly the same thing as "embedded code hidden in graphics on Web pages", but I can easily imagine a naïve journalist getting confused over such technical issues or a company representative hankering for some media exposure over-selling the seriousness or novelty of what they "discovered"...
and these are the people who raise the script kiddies to "elite hackers!" -aditya ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ éb½êÞvë"axZÞx÷«²ÚGb¶*'¡ó[kj¯ðÃæj)mªÿrÿ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: New malware to infect IIS and from there jump to clients, (continued)
- RE: New malware to infect IIS and from there jump to clients joe (Jun 25)
- Re: New malware to infect IIS and from there jump to clients insecure (Jun 25)
- Re: New malware to infect IIS and from there jump to clients Matt Power (Jun 27)
- Re: Evidence of a ISC being hacked? VX Dude (Jun 24)
- Re: Evidence of a ISC being hacked? Valdis . Kletnieks (Jun 25)
- IE exploit runs code from graphics? Larry Seltzer (Jun 24)
- RE: IE exploit runs code from graphics? Heather M. Guse Bryan (Jun 24)
- Re: IE exploit runs code from graphics? Nick FitzGerald (Jun 24)
- RE: IE exploit runs code from graphics? Larry Seltzer (Jun 24)
- Re: IE exploit runs code from graphics? Aditya, ALD [ Aditya Lalit Deshmukh ] (Jun 26)
- Re: IE exploit runs code from graphics? Jimmy Mitchener (Jun 26)
- Re: IE exploit runs code from graphics? st3ng4h (Jun 26)
- Re: IE exploit runs code from graphics? Valdis . Kletnieks (Jun 28)