Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Microsoft oops!
From: ". o O ( Chris )" <home.750.my () CHRISB NILDRAM CO UK>
Date: Sat, 13 May 2000 08:25:17 +0100
http://www.microsoft.com/technet/security/bulletin/fq00-034.asp



Office 2000 ships with an ActiveX control that is incorrectly marked as
"safe for scripting".  Because of the incorrect marking, a malicious web
site operator could use the control to take inappropriate actions on the
machine of a visiting user. The control ships only with Office
2000, so customers using previous versions do not need to take any
action.

The vulnerability exists because an ActiveX control, the Office 2000 UA
Control, is incorrectly marked as "safe for scripting". It exposes
fairly powerful functionality that is inappropriate for use by web
sites.

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".

  By Date           By Thread  

Current thread:
  • Microsoft oops! . o O ( Chris ) (May 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]