[20344] in bugtraq
Re: Double clicking on innocent looking files may be dangerous
daemon@ATHENA.MIT.EDU (Dzzie Z)
Fri Apr 20 08:17:55 2001
Message-ID: <200104172051.f3HKpL917749@cemail>
Date: Tue, 17 Apr 2001 16:51:22 -0400
Reply-To: dzzie@YAHOO.COM
From: Dzzie Z <dzzie@YAHOO.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
just to clear it up does anyone know exactly what to look for to determine which clsid's will exhibit this behavior?
I spent some time scannign through the registry this afternoon and was only able to find these
html application {3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}
mhtml document {3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}
xml {48123bc4-99d9-11d1-a6b3-00c04fd91555}
xsl {48123bc4-99d9-11d1-a6b3-00c04fd91555}
html {25336920-03F9-11cf-8FD0-00AA00686F13}
the only place I could find the hta clsid was buried in hkcr/clsid
the rest I found in hkcr/xmlfile/clsid etc...
what I was really wondering is if there was an associated clsid for bat,exe,com,scr,chm,vbs etc?
