mailing list archives
From: "Alex Lambert" <alambert () webmaster com>
Date: Fri, 18 Oct 2002 15:55:57 -0500
Kazaa's IE control (at least in 1.7.x) seems to treat certain URLs
differently, too, which could pose a problem. For example,
http://localhost/KazaaSearchQuery performs a search (a form for this is
displayed on desktop.kazaa.com). Putting more than 272 bytes into the query
argument causes a crash; I haven't checked if it's posisble to run malicious
code with this.
----- Original Message -----
From: "David Krum" <frobnitz () msn com>
To: <bugtraq () securityfocus com>
Sent: Friday, October 18, 2002 11:33 AM
I'm concerned about all the applications which utilize ie browser
There are a lot of adware programs with little ads. Some of these ads
activex, java, flash, js. Any one of these capabilities in the wrong zone
could be dangerous.
My attention was first drawn to this when I noticed KaZaA launching popups
sourced from the local hard disk. Surely these ads are running in the
zone. To use software that does this I have to trust them to audit the
given to them?
Broadband? Dial-up? Get reliable MSN Internet Access.
- KaZaA David Krum (Oct 18)
- Re: KaZaA Nicholas C. Weaver (Oct 19)
- RE: KaZaA Brenna Primrose (Oct 19)
- Re: KaZaA Alex Lambert (Oct 19)
- Re: KaZaA eD\\/ARd0 F/\\KEn^M3 (Oct 19)
- <Possible follow-ups>
- RE: KaZaA Christopher Wagner (Oct 19)