Full Disclosure mailing list archives
Re: Notepad popups in Internet Explorer and Outlook
From: "Stephen Clowater" <steve () stevesworld hopto org>
Date: Fri, 8 Aug 2003 12:44:56 -0300
I've heard people discusses the possibilities of useing this to execute arbitray code before, however, I've never managed to replicate anyones findings on this yet, however there has been quite a bit of talk on other lists in the past, and I've been asked by people to look into it but I cant seem to find anything ethier Supposivly you can use the same flaw to execute arbitrary code, however, I've been unable to see it replicated yet, so I wouldnt put much stalk into it. ----- Original Message ----- From: "Richard M. Smith" <rms () computerbytesman com> To: <full-disclosure () lists netsys com> Sent: Friday, August 08, 2003 12:18 AM Subject: RE: [Full-disclosure] Notepad popups in Internet Explorer and Outlook
I fiddle a little bit with view-source: and WordPad but nothing seemed too interesting. WordPad always opened a large file as a plain text file. I was checking to see if it might open a file as Word .DOC file, but had no luck. Richard -----Original Message----- From: Georgi Guninski [mailto:guninski () guninski com] Sent: Thursday, August 07, 2003 3:57 PM To: Richard M. Smith Cc: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Notepad popups in Internet Explorer and Outlook Richard, you irresponsible m$ puppy! How irresponsible and self promoting of you to not give m$ chance to fix this huge hole! btw, on win9x you may have more fun with view-source and wordpad: http://lists.insecure.org/lists/bugtraq/2000/Feb/0388.html georgi Richard M. Smith wrote:Hi, Do Notepad popups represent a security risk or are they simply another way for spammers and marketers to annoy us? Because of a design flawinInternet Explorer, Notepad popup windows can be displayed from an HTML email message or Web page regardless of browser security settings. In addition, Notepad popups can access files on a hard disk, possibilly causing stability problems in a Windows saystem._______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Notepad popups in Internet Explorer and Outlook Richard M. Smith (Aug 04)
- Re: Notepad popups in Internet Explorer and Outlook IT (Aug 04)
- Re: Notepad popups in Internet Explorer and Outlook Georgi Guninski (Aug 07)
- RE: Notepad popups in Internet Explorer and Outlook Richard M. Smith (Aug 07)
- Re: Notepad popups in Internet Explorer and Outlook Stephen Clowater (Aug 08)
- RE: Notepad popups in Internet Explorer and Outlook Richard M. Smith (Aug 07)
