RE: Images being pulled in Outlook 2003 even though don't downloa d pictures is set?
From: BugTraq (BugTraq_at_bnj.com)
Date: 08/23/04
- Previous message: Rob Hughes: "Re: Blocking Access to Non-domain computers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Spencer, Mark'" <mspencer@evidentdata.com>, security-basics@securityfocus.com Date: Mon, 23 Aug 2004 13:08:37 -0700
IIRC - the cid value refers to another content section within a multi-part
e-mail message. Images included within a multi-part message will be
displayed in Outlook 2003 no matter what the setting is, since the setting
affects images that are referenced outside of the message.
-----Original Message-----
From: Spencer, Mark [mailto:mspencer@evidentdata.com]
Sent: Sunday, 22 August, 2004 09:36
To: security-basics@securityfocus.com
Subject: Images being pulled in Outlook 2003 even though don't download
pictures is set?
I've been getting lots of spam with images being displayed, even though
my Outlook 2003 is set to not download pictures automatically. Here's
what I think is the relevant code (minus < and >):
DIV align=center
FONT face=Arial size=2
IMG src="cid:kfhyepds_bfjhwcxn_dkiaarqo"
/FONT
/DIV
/BODY
/HTML
Any advice on how to deal with this? How does that "cid: .." translate
into a legitimate IP address from which to pull an image?
Thanks!
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
- Previous message: Rob Hughes: "Re: Blocking Access to Non-domain computers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
