Full Disclosure: Re: DLL hijacking with Autorun on a USB drive

[Larry Seltzer <larry () larryseltzer com>]

> Instead of it executing "wab.exe (Windows Address Book) and open the
> file test.vcf", one can directly get any .exe file open.
Users have shown themselves very willing to open up test.vcf.exe.

LJS

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/