Vulnerability Development mailing list archives
RE: Winnt/Win2k Vuln ?
From: JKlemenc () fnal gov
Date: Fri, 10 Aug 2001 13:58:29 -0500
Was able to reproduce with Win2K SP2 and IE 5.50.4522.1800 when I opened IE and simply typed in www.google.com (or whatever I named the file - I simply copied write.exe to Desktop\www.google.com ). I was NOT able to reproduce this when: Adding http:// in front of the www.google.com filename in the IE URL bar When launching it from the Start/Run menu Joe Klemencic --- Original Message ---
- copy autoexec.bat to ..\desktop - rename autoexec.bat to www.google.com (can be any url) - then go to IE and type "www.google.com" - your batch file is then ran
Confirmed on Win2K Pro SP1 (5.00.2195) with IE 5.50.4522.1800 (56-bit). Actually IE tried to download the www.google.com file probably because of the '.com' extension. I also went to START/RUN and typed in www.google.com and it tried to run it too (actually giving me an error about it was not a vaild Win32 App).
Current thread:
- Re: Winnt/Win2k Vuln ?, (continued)
- Re: Winnt/Win2k Vuln ? sween (Aug 10)
- Re: Winnt/Win2k Vuln ? Vulnerability Development (Aug 10)
- Re: Winnt/Win2k Vuln ? Kaneda Akira (Aug 10)
- Re: Winnt/Win2k Vuln ? Rio Martin. (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? Fab Siciliano (Aug 10)
- Re: Winnt/Win2k Vuln ? sween (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? J.D. Meek (Aug 10)
- Re: Winnt/Win2k Vuln ? Kaneda Akira (Aug 11)
- Re:Winnt/Win2k Vuln ? Thiago Campos (Aug 10)
- RE: Winnt/Win2k Vuln ? JKlemenc (Aug 10)
- Re: Winnt/Win2k Vuln ? martin . goudreault (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- Re: Winnt/Win2k Vuln ? Ben Ford (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 11)
- RE: Winnt/Win2k Vuln ? Louis-Eric Simard (Aug 12)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 12)