RE: [Full-Disclosure] How big is the danger of IE?
From: Eric Paynter (eric_at_arcticbears.com)
Date: 07/08/04
- Previous message: Andrew Poodle: "Re: [Full-Disclosure] shell:windows command question"
- In reply to: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Next in thread: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Reply: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Thu, 8 Jul 2004 07:56:19 -0700 (PDT)
On Thu, July 8, 2004 4:51 am, Sapheriel said:
> well, i read about a hacker scenario once that utilizes IE vulnerabilities
> by exploiting the interests of employees. basically, you lure an employee
> to a website you prepared that exploits some bug in IE to install a trojan
> on that pc, thus bypassing firewall and other security precautions.
Don't forget that the "website" you lure the person too can also be an
email, or anything else with embedded HTML - one of those chain-mail power
point things - almost anything.
-Eric
-- arctic bears - affordable email and name services @yourdomain.com http://www.arcticbears.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Andrew Poodle: "Re: [Full-Disclosure] shell:windows command question"
- In reply to: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Next in thread: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Reply: Sapheriel: "RE: [Full-Disclosure] How big is the danger of IE?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
