| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3F4CBE33.2905.984DCF4F@localhost> From: nick at virus-l.demon.co.uk (Nick FitzGerald) Subject: ADODB.Stream object jelmer <jkuperus@...net.nl> wrote: <<snip interesting stuff>> > I dont think it in it self can not be concidered a security vulnerabilty as > it only works when the file containing the code is present on a users > harddisk, though html files are generally considered trusted and you can > probably trick some people into opening an html file by sending it to them > through msn messenger or whatever. > It can most likely be used to leverage other vulnerabilities, for instance > many programs download information to predictable locations from where you > might invoke it. I do not see this as much of an issue/problem for widespread exploitation of this. Recall the (modest) "success" of the MindJail virus, and the ongoing success of Mijail (which is by far the most prevalent mass-mailing virus this month if you ignore the Sobig.F freak). Both of these viruses exploited a "My Computer" zone-only IE vulnerability, depending on the typical handling of files from inside archives being placed into %TEMP% despite their source archives clearly being handled in the TIF. Of course, MS (and thus IE) cannot manage third-party programs handling of files passed out of of IE's security zones... -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists