Hi! A couple of questions.... First of all, does this happen just by viewing the page, or do you have to click the link? If you have to click the link to get it to work, one might want to look into using: 1. Javascript redirect (document.location="file://AAAAA...") 2. Meta refresh tags 3. DownloadBehaviour? 4. Server Redirects (Location: file:/AAAAA...); Having an exploit go off by clicking on a file:// link is bad in and of itself. Having it go off just by viewing the page/email that contains the file:// link is the "Good Times"/"Win a vacation" virus hoax come true. On a side note: The server redirect thing would not provide direct execution, but could be used to to hide the fact that the link you're about to click is suspicious. Yum :-P /Mike UNYUN wrote: > > Hello > > Microsoft Internet Explorer 4/5 overflows when the handling of > "file://" specification. This overflow occurs when we are logging on to > the Microsft Network, this overflow can be verified if the long name is > specfied to the "file://". For example, > -- Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK Phone: +46-(0)660-105 50 Fax: +46-(0)660-122 50 Mobile: +46-(0)70-248 00 33 WWW: http://www.enternet.se E-mail: mikael.olssonat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:10:57 PDT