There's a couple of things that aren't clear here -
>IE and Outlook 5.x allow executing arbitrary programs using .eml files
>Description:
>There is a vulnerability in IE and Outlook 5.x for Win9x/WinNT (probably
>others) which allows executing arbitrary programs using .eml files.
Would this happen to apply to other web browsers, e.g., Netscape?
>Details:
>The problem is creating files in the TEMP directory with known name and
>arbitrary content.
How does the file get there? Do all .eml files create temp files? I
assume another work-around would be to have a user-specific temp directory,
such as Windows 2000 uses.
David LeBlanc
[EMAIL PROTECTED]
