Date: Thu, 13 May 2004 21:40:10 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <bugtraq@...urityfocus.com>
Cc: <NTBugtraq@...tserv.ntbugtraq.com>
Subject: POA: Outlook Expresss 6.00

Thursday, May 13, 2004

The following is exceptionally unusual. For many years post Outlook Express 4 it has been an impossibility to target html or remote sites directly into the 'window' of an Outlook Express mail message. That means all links [your basic href] would invoke the browser accompanied by Outlook Express, one Internet Explorer, and open content therein.

The following odd-combination 'fluke' returns us to pre-Outlook Express 5 days by opening both remote and local content inside the actual mail message itself:

[screenshot: http://www.malware.com/poa.png 242KB]

The mail message itself then becomes the browser. Needless to say that the immediate thought turns to the current stream of activity; that being 'phishing'. There is no browser involvement, there is no address bar and any one of previously discussed url spoof mechanisms can be deployed to further substantiate the ruse:

    <BASE href=http://www.malware.com target=_top>
    <A href="http://www.microsoft.com">http://www.malware.com</A>

Notes:

1. Interestingly replying to the mail message will fill in the href with whatever is stated in the base href
2. about: url protocol functions
3. All content is still processed in the security zone applicable to the mail clients settings
4. More technical in-depth possibilities can be examined at a future date

End Call

--
http://www.malware.com
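
Added example, not part of the original post: a mail-filter style check for the markup quoted above, reporting an HTML body that sets a BASE target and any link whose visible text names a different host than the href resolves to. The class, function and finding names are assumptions made for this sketch.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class MailLinkAudit(HTMLParser):
    """Collect <base> settings and anchors from one HTML mail body."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.base_href = self.base_target = None
        self.links = []                    # (resolved href, visible text)
        self._href, self._text = None, []  # state for the anchor being read

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "base":
            # keep the first value seen for each attribute
            self.base_href = self.base_href or a.get("href")
            self.base_target = self.base_target or a.get("target")
        elif tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            resolved = urljoin(self.base_href or "", self._href)
            self.links.append((resolved, "".join(self._text).strip()))
            self._href = None

def host(url):
    """Lower-cased host of a URL; bare 'www.x.y' text is read as http."""
    return (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()

def audit(html_body):
    """Findings for a <base target> and for link text naming another host."""
    p = MailLinkAudit()
    p.feed(html_body)
    p.close()
    findings = [("base-target", p.base_target)] if p.base_target else []
    for resolved, text in p.links:
        shows_url = "://" in text or text.lower().startswith("www.")
        if shows_url and host(text) != host(resolved):
            findings.append(("text-href-mismatch", text, resolved))
    return findings

# Sample body: the two HTML lines quoted in the post
SAMPLE = ('<BASE href=http://www.malware.com target=_top>'
          '<A href="http://www.microsoft.com">http://www.malware.com</A>')
```

Relative hrefs are resolved against the BASE href before the comparison, so a link that only looks local is checked against the host it would actually load from.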