Re: [Full-Disclosure] IE exploit runs code from graphics?

Aditya, ALD [ Aditya Lalit Deshmukh ] Sat, 26 Jun 2004 00:29:35 -0700

> files (.CHM) from some web site, causing the HTML code inside the .CHM 
> to be run in the "My Computer" security zone.  Typically (like all but 
> one of _dozens and dozens_ of these I've seen) the "inner" HTML run


this is one of the  _dozens and dozens_  reasons to use mozilla on untrusted sites and 
use ie to access internal websites if they do depend of some ie features but set the 
default browser to mozilla so that when ever the user cliks something it opens in 
mozilla 


> That is hardly the same thing as "embedded code hidden in graphics on 
> Web pages", but I can easily imagine a na�ve journalist getting 
> confused over such technical issues or a company representative 
> hankering for some media exposure over-selling the seriousness or 
> novelty of what they "discovered"...

and these are the people who raise the script kiddies to "elite hackers!"


-aditya

������������������������������������������������������
�b���v�"�axZ�x����ڔGb�*'���[kj����j)m���r��

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] IE exploit runs code from graphics?

Reply via email to