[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Notepad popups in Internet Explorer and Outlook

To: "Richard M. Smith" <rms@computerbytesman.com>
Subject: Re: [Full-Disclosure] Notepad popups in Internet Explorer and Outlook
From: Georgi Guninski <guninski@guninski.com>
Date: Thu, 07 Aug 2003 22:57:19 +0300

Richard, you irresponsible m$ puppy!
How irresponsible and self promoting of you to not give m$ chance to fix this 
huge hole!
btw, on win9x you may have more fun with view-source and wordpad:
http://lists.insecure.org/lists/bugtraq/2000/Feb/0388.html

georgi

Richard M. Smith wrote:
> Hi,
> 
> Do Notepad popups represent a security risk or are they simply another
> way for spammers and marketers to annoy us?  Because of a design flaw in
> Internet Explorer, Notepad popup windows can be displayed from an HTML
> email message or Web page regardless of browser security settings.  In
> addition, Notepad popups can access files on a hard disk, possibilly
> causing stability problems in a Windows saystem. 
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Notepad popups in Internet Explorer and Outlook
  - From: "Richard M. Smith" <rms@computerbytesman.com>

Prev by Date: Re: [Full-Disclosure] Red Bull Worm
Next by Date: Re: [Full-Disclosure] Vulnerability Disclosure Debate
Prev by thread: RE: [Full-Disclosure] Incident response kit? Really OT, but need some help.
Next by thread: RE: [Full-Disclosure] Notepad popups in Internet Explorer and Outlook
Index(es):
- Date
- Thread