Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Outlook/HTML "proggie"

Re: Outlook/HTML "proggie"

From: Walter Williams <walter.williams_at_GENUITY.COM>
Date: Fri, 2 Jun 2000 08:25:59 -0400

It won't work if you have marked don't run activex scripts no matter what
security zone you have setup.
  -----Original Message-----
  From: VULN-DEV List [mailto:VULN-DEV_at_SECURITYFOCUS.COM]On Behalf Of
methodman
  Sent: Thursday, June 01, 2000 4:33 PM
  To: VULN-DEV_at_SECURITYFOCUS.COM
  Subject: Re: Outlook/HTML "proggie"

  well...
  since everybody is so interested in what the SCR object is, i'm going to
tell you...
  it is an activex control with the classID:
06290BD5-48AA-11D2-8432-006008C3FBFC ,
  it's name is actually SCRiptlet.typlib (that's why i gave it the id SCR).
WSH has the classID
  F935DC22-1CF0-11D0-ADB9-00C04FD58A0B and is called "Windows Scripting Host
Shell Object",
  (Wscript.SHell - therefore i gave it the id WSH).
  about badblood... i didn't even hear about it until Thierry said it
exists, same goes for the code written by Exxtreme.
  about the source code... if you are reading this through outlook check
"thisreallyworks.txt" on your desktop :)).
  -- this only works if the security level is not set to "restriced sites
zone"

  [ methodman ]
Received on Jun 02 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos