| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6E4A626CCE3C664F81F478A3674A40F8019D2119@epimetheus.adone.com> From: JThomas at poweronemedia.com (Joshua Thomas) Subject: HTML FORMATED MAIL ( ie - oe - html ) bgsou nd local file - ding? Do you have an exploit example for this that is anything other than just an annoyance? Joshua Thomas Network Operations Engineer PowerOne Media, Inc. tel: 518-687-6143 jthomas@...eronemedia.com -----Original Message----- From: morning_wood [mailto:se_cur_ity@...mail.com] Sent: Monday, August 04, 2003 7:55 PM To: incidents@...urityfocus.com; 0day; full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] HTML FORMATED MAIL ( ie - oe - html ) bgsound local file - ding? ding ding ding <--- its a local file this should work reading FROM hotmail as well or any web ( html ) based mail reader ( i think ) the tag <BGSOUND> carries many optopns as well, and referenced at http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/bgsound.as p this is calling c:\windows\media\ding.wav ( 9x / XP ) and c:\winnt\media\ding.wav this affects Microsft Win9x / NT / 2K / XP / 200? is this an annoyance or bug? Donnie Werner morning_wood@...labs.com http://e2-labs.com view this online at http://exploit.philez.com/ding.htm t'nks buRdeN fer the test'n -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030804/018a062c/attachment.html
Powered by blists - more mailing lists