[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: shell:windows

To: Larry Seltzer <larry@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Re: shell:windows
From: Barry Fitzgerald <bkfsec@xxxxxxxxxxxxxxxx>
Date: Mon, 12 Jul 2004 13:26:37 -0400

Larry Seltzer wrote:

This behavior is indistinguishable from that of a simple href to the file itself, so there's no point in bringing in the shell: stuff. If you want to assume a little social engineering can do anything than a simple href is a vulnerability for any browser.

I agree with what you're saying here, but it's still an issue to be aware of and is not disabled entirely - which was what was claimed in the message I responded to.

Also, when the shell:windows reference is input into IE's address bar field, it

executes the code without a a dialogue box...

Gimme a break. This is not a meaningful problem.

It's as meaningful as the Mozilla issue. If your point is that that wasn't a meaningful problem either, then we can agree to disagree on the scope. I'll agree that getting this issue to run code of the choosing of the attacker is more difficult than some other unpatched IE holes, but it is not impossible.

I wonder, why are you so quick to discount this when you haven't looked deeply into it?

-Barry


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Re: shell:windows
  - From: Larry Seltzer

Prev by Date: RE: [Full-Disclosure] Re: shell:windows
Next by Date: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Previous by thread: RE: [Full-Disclosure] Re: shell:windows
Next by thread: RE: [Full-Disclosure] Re: shell:windows
Index(es):
- Date
- Thread