Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Outlook Express Attachment Property Spoofing Vulnerabilities
From: full-disclosure () lists netsys com (Roland Postle)
Date: Sat, 20 Jul 2002 16:06:18 +0100

So why hasn't MS fixed them then? Will it take a big email virus, and more
mass hysteria, before they do?

Personally I get sent a lot of virus and rely on knowing the extension. They
frequently use the spaces before extension vulnerability (so I'll get
somthing like 'hello.mp3     .scr') but I always notice these before opening
them anyway. However, combined with the other vulnerabilities you mention I
could probably be tricked into opening a virus. God help the clueless
people.

- Blazde

----- Original Message -----
From: "Jack" <jack () malware com>
To: <news () securiteam com>; <bugtraq () securityfocus com>;
<full-disclosure () lists netsys com>
Cc: <mattmurphy () kc rr com>
Sent: Saturday, July 20, 2002 2:27 PM
Subject: [Full-disclosure] Re: Outlook Express Attachment Property Spoofing
Vulnerabilities


Dude, they are all two years old:

http://www.securityfocus.com/bid/2260
http://www.securityfocus.com/bid/3271





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]