Re: Wordpad vulnerability, exploitable also in IE for Win9x

• Previous message: Darren Reed: "Re: Firewall and IP stack test tool"
• Maybe in reply to: Georgi Guninski: "Wordpad vulnerability, exploitable also in IE for Win9x"
• Next in thread: Scott: "Re: Wordpad vulnerability, exploitable also in IE for Win9x"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>
> Georgi Guninski security advisory #7, 2000
>
> Wordpad vulnerability, exploitable also in IE for Win9x
>
> Description:
> There is a vulnerability in Wordpad which allows executing arbitrary
> programs without warning the user after activating an embedded or linked
> object. This may be also exploited in IE for Win9x.
>
> Demonstration which starts AUTOEXEC.BAT:
> http://www.whitehats.com/guninski/wordpad1.html
> Workaround: Do not activate objects in Wordpad documents
>
> Copyright Georgi Guninski


For reference, on my Win2000 system with IE5 and Office 2000 installed, it
instead gives me a dialog box which says:

"You are about to activate an embedded object that may contain viuses or be
otherwise harmful to your computer. It is important that it is from a
trustworthy source. Do you want to continue?"


It appears that it's launching Word instead of Wordpad, if you have Word
installed. (Makes sense, since they probably want to associate rtf with
Word).


Kevin

• Next message: Max Vision: "Re: unused bit attack alert"
• Previous message: Darren Reed: "Re: Firewall and IP stack test tool"
• Maybe in reply to: Georgi Guninski: "Wordpad vulnerability, exploitable also in IE for Win9x"
• Next in thread: Scott: "Re: Wordpad vulnerability, exploitable also in IE for Win9x"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:37:00 PDT