Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: IE and Outlook 5.x allow executing arbitrary programs using .eml files
From: ryan () SECURITYFOCUS COM (Ryan Russell)
Date: Wed, 15 Mar 2000 09:24:52 -0800


On Tue, 14 Mar 2000, Georgi Guninski wrote:

Georgi Guninski security advisory #9, 2000

IE and Outlook 5.x allow executing arbitrary programs using .eml files


Works fine on NT4 Server, SP5, IE 5.00.2919.6307, but it prompts whether I
want to save it or run it.  If I run it, wordpad is launched.  This is
from the web page demo.

                                        Ryan


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]