lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 28 Jul 2003 10:02:10 +0100 (BST)
From: pre <pre@...kgang.co.uk>
To: Denis Jedig <seclists@...eticon.de>
Subject: Re: TEXT/PLAIN: ALERT("OUTLOOK EXPRESS")


Quoting Denis Jedig <seclists@...eticon.de>:

> http-equiv@...ite.com wrote:
> > Content-Type: text/plain;
> > [...]
> > <img dynsrc=javascript:alert()><font color=red>foo
> > 
> > The above is a legitimate RFC822 mail message in plain text. 
> > Ordinarily one would require an html mail message [Content-Type: 
> > text/html;] to parse html and scripting. 
> 
> Internet Explorer seems to take no offense on Content-Types either - 
> text/plain from a web server is happily rendered as HTML, if it contains 
> valid tags.
> 

Yes, it's a well known security hole that Microsoft has refused or is unable to fix.

I (and others) have reported this issue over the last few years. MS acknowledge
the problem but will not fix it.

Advisory at: http://www.geekgang.co.uk/adv/gsa2002-01.txt

I recommend against using IE and Outlook in any kind of sensitive environment.

.pre

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ