Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II

From: D'Amato Luigi (luigidamato@networkingitalia.it)
Date: 02/28/03

Next message: Frankie: "Re: Netscape 6/7 crashes by a simple style***..."

Previous message: Martin Schulze: "[SECURITY] [DSA 254-1] New NANOG traceroute packages fix buffer overflow"
In reply to: Dike: "RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "D'Amato Luigi" <luigidamato@networkingitalia.it>
To: <bugtraq@securityfocus.com>
Date: Thu, 27 Feb 2003 12:01:51 -1200

Confirm on 6.0.2800.1106

On my IE is present: SP1, q324929, q810847, q813951

D'Amato Luigi
Admin www.securitywireless.info
----- Original Message -----
From: "Dike" <Dike@tarita.co.id>
To: <bugtraq@securityfocus.com>
Sent: Tuesday, February 25, 2003 1:50 PM
Subject: RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II

> Confirmed on IE 5.0 too :(
>
> Sorry One Liner,
> Dike
>
> > -----Original Message-----
> > From: http-equiv@excite.com [mailto:http-equiv@malware.com]
> > Sent: Wednesday, February 26, 2003 4:45 AM
> > To: bugtraq@securityfocus.com
> > Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> > Tuesday, February 25, 2003
> >
> > We are delighted to learn that the original self-executing html file,
> > from June 1 2002 is now fixed with the most current of the many
> > patches for the Internet Explorer series of browsers. See:
> >
> > http://online.securityfocus.com/archive/1/275126
> >
> > Regrettably.
> >
> > The following file is an html file comprising both scripting and an
> > executable [*.exe].
> >
> > We inject scripting and an executable into the html file which is
> > designed to point back to the executable in the html file and execute
> > it. Provided the html file is an html file, Internet Explorer 5.5 and
> > 6.0 will execute it.
> >
> > Because it is an html file proper, Internet Explorer opens it. The
> > scripting inside is then parsed and fired. That scripting is pointing
> > back to the same executable file with our original codebase object
> > from the year 2000 and because it is a self-executing html file, it
> > executes !
> >
> > Tested IE5.5 and IE6. Fully self-contained harmless *.exe:
> >
> > http://www.malware.com/html.exe.zip
> >
> > Be aware of html files out there.
> >
> > Key Words: Trust it's Worthy so Think it's Tank silly obvious
> >
> > --
> > http://www.malware.com
>
>
>

Next message: Frankie: "Re: Netscape 6/7 crashes by a simple style***..."
Previous message: Martin Schulze: "[SECURITY] [DSA 254-1] New NANOG traceroute packages fix buffer overflow"
In reply to: Dike: "RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]