lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: rwm8 at CSE.MsState.EDU (Robert Wesley McGrew)
Subject: HTML FORMATED MAIL ( ie - oe - html ) bgsound
 local file - ding?

Just got around to looking at it, and from where I sit, it appears to be
merely an annoyance, apart from fringe circumstances where discernable
audio output from a workstation is critical and is disrupted by this.  In
that case, any bgsound, remote or local, is undesirable.

The file accessed is local, however I fail to see the problem, as nothing
is disclosed to outside parties, and the local user would have access to
any of sounds played by this tag in the first place.

If you have any thoughts on how the content could be malicious, please
correct me.

Wesley


On Mon, 4 Aug 2003, morning_wood wrote:

 > RE: [Full-Disclosure] HTML FORMATED MAIL ( ie - oe - html ) bgsound
 local file - ding?i was not clear if it was an issue, nor do i see my
 post.. heh
 > it should be viewed in its original format ( html ) preferably by
 online mail services to show this is accessing a local file. there is no
 malicious content
>
> Donnie


Powered by blists - more mailing lists