RE: MSIE vulnerability exploitable with IncrediMail

From: RT (roelofat_private)
Date: Fri Mar 15 2002 - 16:58:52 PST

Next message: Scott Dier: "Re: Buffer Overflow in Geck/Netscape 5.0/6.0?"

Previous message: Chris Bradford: "RE: PHP-Nuke & Post-Nuke account hijacking."
In reply to: Thor Larholm: "RE: MSIE vulnerability exploitable with IncrediMail"
Next in thread: Eric Detoisien: "RE: MSIE vulnerability exploitable with IncrediMail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Immm...

Eudora Mail .. automatically saves attachments in <drive>:\program
files\qualcomm\eudora\attachments .. right?

The (very old) version (4.1) that I have sure does that. And even if you delete
the email itself (after opening), or right click on the file and selecting delete -
the file stays.

So, you just need to get the file in there and have the user visit a corrupted
web .. and hey.. presto!

Just my 2c on this,
Roelof.

On Fri, 15 Mar 2002, Thor Larholm wrote:

+Isn't {42D00B20-479C-11d4-9706-00105A40931C} a GUID for your user account,
+and as such unknown from time to time, making the proposed exploit
+unfeasable ?
+
+
+Regards
+Thor Larholm
+Jubii A/S - Internet Programmer
+
+

------------------------------------------------------
Roelof W Temmingh               SensePost IT security
roelofat_private            +27 83 448 6996
http://www.sensepost.com        http://www.hackrack.com

Next message: Scott Dier: "Re: Buffer Overflow in Geck/Netscape 5.0/6.0?"
Previous message: Chris Bradford: "RE: PHP-Nuke & Post-Nuke account hijacking."
In reply to: Thor Larholm: "RE: MSIE vulnerability exploitable with IncrediMail"
Next in thread: Eric Detoisien: "RE: MSIE vulnerability exploitable with IncrediMail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 18 2002 - 19:32:38 PST