RE: Admin.dll (strings ./Admin.dll)
From: Isherwood Jeff C Contr AFRL/IFOSS (Jeffrey.Isherwood@rl.af.mil)Date: 09/19/01
- Previous message: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
- Maybe in reply to: w1re p4ir: "Admin.dll (strings ./Admin.dll)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <50D01D71BB8CD411AD850000D11B4B45B1CA5C@FSJREZ02.adm.rl.af.mil> From: Isherwood Jeff C Contr AFRL/IFOSS <Jeffrey.Isherwood@rl.af.mil> To: "'Robert D.'" <xkill@dingoblue.net.au>, w1re p4ir <w1rep4ir@disinfo.net> Subject: RE: Admin.dll (strings ./Admin.dll) Date: Tue, 18 Sep 2001 18:17:20 -0400
We have al Java in email (outlook) disabled, but when we open the emails (or
even preview them) they automaticaly launch (and of course try default media
player for wav files cause of the associateion to wav-x).
What I can't figure out is how is that java directed auto launch causing the
attachment to automaticlly launch? I've double & triple checked my test
platform, Java scripting is disabled.
-----Original Message-----
From: Robert D. [mailto:xkill@dingoblue.net.au]
Sent: Tuesday, September 18, 2001 3:51 PM
To: w1re p4ir
Cc: incidents@securityfocus.com; vuln-dev@securityfocus.com
Subject: Re: Admin.dll (strings ./Admin.dll)
> Here's where it inserts the javascript to open the evil readme.eml mime
Buffer overflow.
I'm I correct assuming this is the same problem discussed in MS00-043?
In that case the following configurations are safe:
IE 5.01 SP1 or later
IE 5.5 or later ( except Windows 2000, sp1 safe?? )
- Previous message: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
- Maybe in reply to: w1re p4ir: "Admin.dll (strings ./Admin.dll)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
