Re: KaZaAFrom: Alex Lambert (firstname.lastname@example.org)
- Previous message: Alun Jones: "Re: Ambiguities in TCP/IP - firewall bypassing"
- In reply to: David Krum: "KaZaA"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Alex Lambert" <email@example.com> To: "David Krum" <firstname.lastname@example.org>, <email@example.com> Date: Fri, 18 Oct 2002 15:55:57 -0500
Kazaa's IE control (at least in 1.7.x) seems to treat certain URLs
differently, too, which could pose a problem. For example,
http://localhost/KazaaSearchQuery performs a search (a form for this is
displayed on desktop.kazaa.com). Putting more than 272 bytes into the query
argument causes a crash; I haven't checked if it's posisble to run malicious
code with this.
> I'm concerned about all the applications which utilize ie browser
> There are a lot of adware programs with little ads. Some of these ads
> activex, java, flash, js. Any one of these capabilities in the wrong zone
> could be dangerous.
> My attention was first drawn to this when I noticed KaZaA launching popups
> sourced from the local hard disk. Surely these ads are running in the
> zone. To use software that does this I have to trust them to audit the
> given to them?
> Broadband? Dial-up? Get reliable MSN Internet Access.