Re: KaZaA

From: Alex Lambert (
Date: 10/18/02

From: "Alex Lambert" <>
To: "David Krum" <>, <>
Date: Fri, 18 Oct 2002 15:55:57 -0500

Kazaa's IE control (at least in 1.7.x) seems to treat certain URLs
differently, too, which could pose a problem. For example,
http://localhost/KazaaSearchQuery performs a search (a form for this is
displayed on Putting more than 272 bytes into the query
argument causes a crash; I haven't checked if it's posisble to run malicious
code with this.

----- Original Message -----
From: "David Krum" <>
To: <>
Sent: Friday, October 18, 2002 11:33 AM
Subject: KaZaA

> I'm concerned about all the applications which utilize ie browser
> There are a lot of adware programs with little ads. Some of these ads
> activex, java, flash, js. Any one of these capabilities in the wrong zone
> could be dangerous.
> My attention was first drawn to this when I noticed KaZaA launching popups
> sourced from the local hard disk. Surely these ads are running in the
> zone. To use software that does this I have to trust them to audit the
> given to them?
> _________________________________________________________________
> Broadband? Dial-up? Get reliable MSN Internet Access.