Re: Rather large MSIE-hole
From: jon schatz (jon@divisionbyzero.com)
Date: 03/15/02
From: jon schatz <jon@divisionbyzero.com>
To: KF <dotslash@snosoft.com>
Date: 14 Mar 2002 15:54:18 -0800
On Thu, 2002-03-14 at 14:48, KF wrote:
> Another thought... will this bug run an executable from a web page? If
> so you could just make your own binary to do whatever you wanted. Like
> http://mysiteathome.com/malware.exe or something along those lines. I
> would HOPE that it asks to save the file to disk or even better ignore
> it altogether.
i get a warning message: "Your current security settings prohibit
running ActiveX controls on this page. As a result, the page may not
display correctly.". when i place the site the exe is linked from into
my "Trusted Sites" zone, I get a message asking me if i want to install
and run "http://www.divisionbyzero.com/calc.exe".
But even though i get the error message the first time, IE still
downloads the file (or at least, a GET shows up in my apache log). I
can't seem to find it in my temp files though, but if its location were
known, i could include a malware link, wait for ie to download the file,
then run the file with the same method.....
-jon
--
jon@divisionbyzero.com || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus?: www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing."