On Wed, Jul 26, 2000 at 06:58:40AM +1000, Rick Welykochy wrote:
> Also, has anyone tried the following:
> 
> (*) active content in the message (re-proves the point about virii!)
> (*) HTML or rich text in the message

that's nothing..

you can muck around with directx <object>s and get it to write and
execute files

better yet:

there's a buffer overrun in the Date: field, which (since you can
mime-encode the mail and its headers) allows you to execute arbitrary
code without double-clicking on anything. in outlook express ("lookout
urgently") you don't even have to read the particular message, just
have it in your mailbox.  (the exploit i saw downloaded a program and
ran it)


and *still* everyone says "macro virus", not "remotely exploitable
mail reader bug"

-- 
 - Gus


--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
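
An added example, not part of the original message: a defensive check a mail gateway could run so that an oversized Date: field is rejected before any mail reader parses it. The function names and the 64-byte limit are assumptions chosen for illustration, and the input is assumed to be the raw header block after any MIME decoding.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Assumed policy limit: a normal date such as
   "Wed, 26 Jul 2000 06:58:40 +1000" is about 31 bytes. */
#define MAX_DATE_VALUE 64

/* Case-insensitive match of the field name at the start of a line. */
static int is_date_field(const char *p, size_t len)
{
    static const char name[] = "date:";
    if (len < 5) return 0;
    for (size_t i = 0; i < 5; i++)
        if (tolower((unsigned char)p[i]) != name[i]) return 0;
    return 1;
}

/* Returns the length of the Date: field value in a raw header block,
   0 if there is no Date: field, or -1 if the value exceeds the limit.
   Folded continuation lines (starting with space or tab) are counted,
   so a long value cannot be hidden by splitting it across lines. */
int check_date_header(const char *hdrs)
{
    const char *p = hdrs;
    while (*p && *p != '\r' && *p != '\n') {    /* blank line ends headers */
        const char *eol = strchr(p, '\n');
        size_t linelen = eol ? (size_t)(eol - p) : strlen(p);
        if (is_date_field(p, linelen)) {
            size_t total = 0;
            const char *v = p + 5;              /* skip "Date:" */
            for (;;) {
                const char *e = strchr(v, '\n');
                size_t n = e ? (size_t)(e - v) : strlen(v);
                if (n > 0 && v[n - 1] == '\r') n--;   /* drop CR of CRLF */
                total += n;
                if (total > MAX_DATE_VALUE) return -1;
                if (!e || (e[1] != ' ' && e[1] != '\t')) break;
                v = e + 1;                      /* folded continuation */
            }
            return (int)total;
        }
        if (!eol) break;
        p = eol + 1;
    }
    return 0;
}
```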
