Re: Winnt/Win2k Vuln ?
From: J. Bol (j.bol@itsec.nl)Date: 08/14/01
- Previous message: Ofir Arkin: "X White Paper Released"
- In reply to: martin.goudreault@notes.canadair.ca: "Re: Winnt/Win2k Vuln ?"
- Next in thread: Red Pantz: "RE: Winnt/Win2k Vuln ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3B78E589.223A817A@itsec.nl> Date: Tue, 14 Aug 2001 10:47:05 +0200 From: "J. Bol" <j.bol@itsec.nl> To: martin.goudreault@notes.canadair.ca, vuln-dev@securityfocus.com Subject: Re: Winnt/Win2k Vuln ?
martin.goudreault@notes.canadair.ca wrote:
> You can also do the same thing with files that are associated: *.doc (will open
> Word), *.xls (will open Excel), *.mdb (will open Access) and so on...
>
> Try this: Create a word document (or excel sheet) with an automacro, copy it to
> your desktop, rename it to whatever URL you want, open IE and type that
> address...voila... (worked here!)
This will only work when the option 'Hide file extentions for known file types' is
turn on, which is default and most common on average user's systems.
Verified on NT4-SP6.
Cheers,
Jeroen
-- ITsec Nederland B.V. may not be held liable for the effects or damages caused by the direct or indirect use of the information or functionality provided by this posting, nor the content contained within. Use them at your own risk. ITsec Nederland B.V. bears no responsibility for misuse of this posting or any derivatives thereof.
- Previous message: Ofir Arkin: "X White Paper Released"
- In reply to: martin.goudreault@notes.canadair.ca: "Re: Winnt/Win2k Vuln ?"
- Next in thread: Red Pantz: "RE: Winnt/Win2k Vuln ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
