[VulnWatch] xp sp2 weaknesses

From: Richie B. (richie_at_NO-SPAM-HERE.com)
Date: 08/18/04

  • Next message: Chris Wysopal: "[VulnWatch] Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability"
    Date: Wed, 18 Aug 2004 10:20:53 +0200
    To: vulnwatch@vulnwatch.org
    
    

    I haven't seen this report here yet.

    Flaws in SP2 security features
    ==============================

    1) The command shell cmd.exe ignores the ZoneID of files.
    2) Windows Explorer caches the result of ZoneID lookups. If a file is
    overwritten, Explorer does not properly update this cached information
    to reflect the new ZoneID. This allows spoofing of trusted or
    non-existant ZoneIDs by overwriting files with trusted or non-existent
    ZoneIDs.

    URL: http://www.heise.de/security/artikel/50051

    Cheers,

    Richie


  • Next message: Chris Wysopal: "[VulnWatch] Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability"