Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III

• Previous message: NGSSoftware Insight Security Research: "Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)"
• In reply to: http-equiv_at_excite.com: "POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III"
• Next in thread: Kurt Seifried: "Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Thu, 6 Nov 2003 02:02:42 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

> In our never-ending quest for entertainment, we commece from
> this date forward to end-2004 our POS series of findings. That
> is the 'perfect operating system'. Today we debut and regurgitate
> new and not so new for fun as follows. A warm up for the New Year if
> you will !:

This is easy to avoid. Just set the kill bit for the affected Active
component, Adodb.Stream for which the CLSID is
4B106874-DD36-11D0-8B44-00A024DD9EFF.

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/

----
NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
code "NT1003" when registering to take the TICSA exam at www.2test.com.
Prove to your employer and peers that you have the knowledge and
abilities to be an active stakeholder in today's enterprise security.
Become TICSA certified www.trusecure.com/ticsa.  Promotion expires
12/31/03 and cannot be used in combination with other offers.
----

• Previous message: NGSSoftware Insight Security Research: "Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)"
• In reply to: http-equiv_at_excite.com: "POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III"
• Next in thread: Kurt Seifried: "Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]