[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another Netscape Bug (and possible security hole)

To: [email protected]
Subject: Re: Another Netscape Bug (and possible security hole)
From: Aleph One <[email protected]>
Date: Fri, 22 Sep 1995 19:51:02 -0500 (CDT)
Cc: Adam Shostack <[email protected]>, [email protected], [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

Actually it allows you to imbed data and commands to run. What the latest
MSWord virus did is imbed a virus dropper encoded in the word document
and then run it trough the dos debug command to make it a binary file
(if you ever read the 40HEX virus magazine you should know how this works).
From there it just run the dropper.

Aleph One / [email protected]
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Fri, 22 Sep 1995 [email protected] wrote:

> Is that the new MS-Word you're thinking of?  I hear that it lets you
> imbed macros containing executable code in documents.  That's got to
> be one of the most dangerous ideas ever cooked up.
> 
>    --Dave.
> 
> --
> Dave Mandl
> [email protected]
> http://wfmu.org/~davem
>

Follow-Ups:
- Re: Another Netscape Bug (and possible security hole)
  - From: Ray Cromwell <[email protected]>

References:
- Re: Another Netscape Bug (and possible security hole)
  - From: [email protected]

Prev by Date: Re: Pitfall in producing random numbers
Next by Date: "Going after Netscape"
Prev by thread: Re: Another Netscape Bug (and possible security hole)
Next by thread: Re: Another Netscape Bug (and possible security hole)
Index(es):
- Date
- Thread