[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft Explorer security hole (fwd)

To: [email protected] (Ben Holiday)
Subject: Re: Microsoft Explorer security hole (fwd)
From: [email protected] (Igor Chudov @ home)
Date: Mon, 26 Aug 1996 17:06:09 -0500 (CDT)
Cc: [email protected], [email protected]
In-Reply-To: <[email protected]> from "Ben Holiday" at Aug 26, 96 00:22:15 am
Organization: Bool Sheet Software
Reply-To: [email protected] (Igor Chudov)
Sender: [email protected]

please publish the exploit.

many many thanks in advance

igor

Ben Holiday wrote:
> 
> 
> 
> ---------- Forwarded message ----------
> Date: Mon, 26 Aug 1996 01:35:07 GMT
> Subject: Microsoft Explorer security hole (fwd)
> 
> On Sun, 25 Aug 1996 13:55:30 -0600 (MDT), Carl Nation
> <[email protected]> wrote:
> 
> To our Resellers/Customers,
> 
> Our sysadmin received this security alert, and we thought we should
> pass it along...
> 
> ------- Forwarded Message
> 
> Date: Wed, 21 Aug 1996 13:12:59 -0400
> From: [email protected] (Ed Felten)
> Subject: Internet Explorer Security Problem
> 
> We have discovered a security flaw in the current version (3.0) of
> Microsoft's Internet Explorer browser running under Windows 95.  An
> attacker could exploit the flaw to run any DOS command on the machine of
> an Explorer user who visits the attacker's page.  For example, the
> attacker could read, modify, or delete the victim's files, or insert a
> virus or backdoor entrance into the victim's machine.  We have verified
> our discovery by creating a Web page that deletes a file on the machine of
> any Explorer user who visits the page.
> 
> The core of the attack is a technique for delivering a document to the
> victim's browser while bypassing the security checks that would
> normally be applied to the document.  If the document is, for example, a
> Microsoft Word template, it could contain a macro that executes any DOS
> command.
> 
> Normally, before Explorer downloads a dangerous file like a Word
> document, it displays a dialog box warning that the file might contain a
> virus or other dangerous content, and asking the user whether to abort the
> download or to proceed with the download anyway.  This gives the user a
> chance to avoid the risk of a malicious document.  However, our technique
> allows an attacker to deliver a document without triggering the dialog
> box.
> 
> Microsoft has been notified and they are working on fixing the
> problem. Until a remedy is widely available, we will not disclose further
> details about the flaw.
> 
> For more information, contact Ed Felten at [email protected] or
> 609-258-5906.
> 
> Dirk Balfanz and Ed Felten
> Dept. of Computer Science, Princeton University
> http://www.cs.princeton.edu/sip/
> 
> ------- End of Forwarded Message
> 
> 
> 
> 



	- Igor.

References:
- Microsoft Explorer security hole (fwd)
  - From: Ben Holiday <[email protected]>

Prev by Date: Discussion: The Digital Commerce Clause [Long] [Was: Re: The Commerce Clause and the Crypto Issue]
Next by Date: CLE_nup
Prev by thread: Microsoft Explorer security hole (fwd)
Next by thread: Sen. Leahy's "impeccable cyberspace credentials"
Index(es):
- Date
- Thread