[20250] in bugtraq
Re: Double clicking on innocent looking files may be dangerous
daemon@ATHENA.MIT.EDU (Nexus)
Tue Apr 17 03:12:32 2001
Message-ID: <005501c0c6bc$8d6fce80$0232800a@Marduk>
Date: Mon, 16 Apr 2001 22:31:08 +0100
Reply-To: Nexus <nexus@PATROL.I-WAY.CO.UK>
From: Nexus <nexus@PATROL.I-WAY.CO.UK>
X-To: Georgi Guninski <guninski@GUNINSKI.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Using Windows 2000 Pro 5.00.2195 SP1 & latest hotfixes and the demonstration
file supplied by Georgi, this file appears using the icon for an
unregistered file type despite the testhta.txt filename - a big clue - this
was seen in Explorer and IE 5.5. Needless to say, my AV software jumped on
it straight away. Also it was noted that in the ZIP file and when viewing
the [testhta.txt] file properties, it was classed as an HTML application,
which would also alert the user - the CLSID section is also seen in the ZIP
viewer. I shall skip the oft-mentioned rant on the subject of running
unknown and unexpected files of strange types from unknown and untrusted
sources ;-)

Cheers.

----- Original Message -----
From: "Georgi Guninski" <guninski@GUNINSKI.COM>
To: <BUGTRAQ@SECURITYFOCUS.COM>
Sent: Monday, April 16, 2001 3:23 PM
Subject: Double clicking on innocent looking files may be dangerous
> Georgi Guninski security advisory #42, 2001
>
> Double clicking on innocent looking files may be dangerous
>
> Systems affected:
> Windows Explorer, Internet Explorer - Windows 98, 2000 - when browsing
> directories or shares
>
> Risk: High
> Date: 16 April 2001
[snip]
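
The reply above notes that the CLSID part of the name is visible in a ZIP viewer even though the file shows up as testhta.txt. A check for that clue, as an added example that is not part of the original post: it assumes the name ends in a brace-delimited CLSID, and the function names, sample archive and all-zero CLSID are constructed placeholders.

```python
import io
import re
import zipfile

# Assumption: the part of the name that is not shown is a trailing
# ".{CLSID}" component (8-4-4-4-12 hex digits inside braces).
CLSID_SUFFIX = re.compile(
    r"\.\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$"
)


def clsid_named_entries(zip_bytes):
    """Return (full_name, name_without_clsid) for every archive member
    whose file name ends in a brace-delimited CLSID."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Look only at the last path component of the stored name.
            base = info.filename.rstrip("/").rsplit("/", 1)[-1]
            match = CLSID_SUFFIX.search(base)
            if match:
                hits.append((info.filename, base[:match.start()]))
    return hits


def build_sample_zip():
    """Constructed sample archive; the CLSID is a placeholder value."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "plain text")
        zf.writestr(
            "docs/notes.txt.{00000000-0000-0000-0000-000000000000}", "x"
        )
        # Braces alone are not enough: this name must not be flagged.
        zf.writestr("braces{not-a-clsid}.txt", "x")
    return buf.getvalue()


if __name__ == "__main__":
    for full, shown in clsid_named_entries(build_sample_zip()):
        print(f"{full!r} carries a CLSID suffix; name without it: {shown!r}")
```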