[16215] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: MS Word and MS Access vulnerability - executing arbitrary

daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Sat Aug 12 02:15:12 2000

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.GSO.4.21.0008101701160.22628-100000@mail>
Date:         Thu, 10 Aug 2000 17:04:51 -0700
Reply-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
From: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

"This may be exploited also by visiting a web page with IE or
opening/previewing HTML email message with Outlook."

While this sentence is accurate, it is misleading as this vulnerability
can be exploited via any delivery mechanism at all, including Netscape
Navigator, Netscape Messenger, ftp etc. As long as the file is delivered
and opened in a vulnerable version of Word/Access, it works.

Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16215] in bugtraq

Re: MS Word and MS Access vulnerability - executing arbitrary

daemon@ATHENA.MIT.EDU (Ben Greenbaum)Sat Aug 12 02:15:12 2000

daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Sat Aug 12 02:15:12 2000