Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

URL argument injection vulnerability

[es] :: Security Coding :: URL argument injection vulnerability

[ Pregleda: 3742 | Odgovora: 0 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

StratOS
Slovenija

Član broj: 2234
Poruke: 987
*.ce.sik.si



+1 Profil

icon URL argument injection vulnerability12.03.2004. u 10:40 - pre 194 meseci
Finnish security researcher Jouko Pynnönen has discovered a command-line script
injection vulnerability in Microsoft Outlook. In response, Microsoft created the
MS04-009 patch that has been labelled Critical, which can be found at

http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx

By exploiting the mailto: URL protocol handler provided by Outlook, it is
possible to inject arbitrary script code into the My Computer security zone.
This can be used by a virus to send you an email which automatically launches an
executable when you read it, without requiring any user interaction such as
opening email attachments.

Refferer:http://seclists.org/lists/bugtraq/2004/Mar/0086.html
Pozdrav StratOS
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"As a rule, software systems do not work well until they have been used, and have failed repeatedly, in real applications."
"The one who is digging the hole for the other to fall in is allready in it."
 
Odgovor na temu

[es] :: Security Coding :: URL argument injection vulnerability

[ Pregleda: 3742 | Odgovora: 0 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.