[11265] in bugtraq


Re: IE5 ActiveX security bug

daemon@ATHENA.MIT.EDU (Hakeem Shittu)
Thu Aug 5 09:25:59 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <37A73CF6.82DD7F69@cas.org>
Date:         Tue, 3 Aug 1999 15:03:18 -0400
Reply-To: olshittu@payne.wilberforce.edu
From: Hakeem Shittu <hshittu@CAS.ORG>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM

Sami Kuhmonen wrote:

> There is a severe bug in Internet Explorer 5's security system concerning
> ActiveX components on web pages.
>
> If you go to a web page that has an evil ActiveX component (for example,
> the component shuts down Windows) and tell IE to run the component, of
> course it runs it. After that you know that you do not want to run that
> component. But what happens when you go to that page later? IE5 asks
> whether you want to run this component or not. Say no, and it still runs
> it!

I tested this feature on a Win98 box with the strict security setting and
could not reproduce this, except for the repeated requests to install/run
the control. Particularly tested was the portion where you say 'no' and it
still runs it. Could it be possible that you had already said a prior 'yes'
and the control was now cached on your system?

Additionally, it has never been a good idea to run a control without the
appropriate digital signature.

Fl@w

The aim is to showcase their fl@w's
and not to xpl0it them. - wise 'ol man with a crystal ball and a serpent
snake
