WMF browser-ish exploit vectors

2005-12-30 Thread Evans, Arian
Here, let's make the rendering issue simple: Due to IE being so content help-happy there are a myriad of IE-friendly file types (e.g. .jpg) that one can simply rename a metafile to for purposes of web exploitation, and IE will pull out the wonderful hey; you're-not-a-jpeg-you're-a-something-else-that

Re: WMF browser-ish exploit vectors

2006-01-04 Thread Nick FitzGerald
Evans, Arian wrote:
> Due to IE being so content help-happy there are a myriad of IE-friendly file types (e.g. .jpg) that one can simply rename a metafile to for purposes of web exploitation, and IE will pull out the wonderful hey; you're-not-a-jpeg-you're-a-something-else-that-I-can-
> -auto

Re: WMF browser-ish exploit vectors

2006-01-05 Thread Dave Korn
Evans, Arian wrote in news:[EMAIL PROTECTED]
> Here, let's make the rendering issue simple:
>
> Due to IE being so content help-happy there are a myriad of IE-friendly file types (e.g. .jpg) that one can simply rename a metafile to for purposes of web exploitation, and IE will pull out the wond

RE: WMF browser-ish exploit vectors

2006-01-05 Thread James C Slora Jr
Dave Korn wrote
> Have you tried giving it a mpg/avi/wma/wmv extension and getting it to open in a (perhaps embedded) mediaplayer? That's liable to work as well; mediaplayer is also vulnerable to the choose-an-app-based-on-extension/app-loads-a-viewer-based-on-actual-content
> desynchroni