Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Wordpad vulnerability, exploitable also in IE for Win9x
From: toasty () DRAGONDATA COM (Kevin Day)
Date: Wed, 23 Feb 2000 11:31:30 -0600



Georgi Guninski security advisory #7, 2000

Wordpad vulnerability, exploitable also in IE for Win9x

Description:
There is a vulnerability in Wordpad which allows executing arbitrary
programs without warning the user after activating an embedded or linked
object. This may be also exploited in IE for Win9x.

Demonstration which starts AUTOEXEC.BAT:
http://www.whitehats.com/guninski/wordpad1.html
Workaround: Do not activate objects in Wordpad documents

Copyright Georgi Guninski

For reference, on my Win2000 system with IE5 and Office 2000 installed, it
instead gives me a dialog box which says:

"You are about to activate an embedded object that may contain viuses or be
otherwise harmful to your computer. It is important that it is from a
trustworthy source. Do you want to continue?"

It appears that it's launching Word instead of Wordpad, if you have Word
installed. (Makes sense, since they probably want to associate rtf with
Word).

Kevin


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]