[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Dangerous bug in IE

To: linux-delhi@xxxxxxxxxxxxxxxxxxxxx
Subject: Dangerous bug in IE
From: Lokesh Setia <lsetia78@xxxxxxxxx>
Date: 04 Apr 2001 00:06:12 +0530
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

Hello,

For those using Internet Explorer 5.01 or 5.5.  There is a very
serious security flaw discovered in IE that will allow a website to
run a program without your permission.  This also affects programs
like Outlook which use IE for rendering HTML mails.

What is most dangerous and distinguishing aspect of this problem is
that users need not click to open an attachment, the program can start
all by itself.

Resources:
----------

Demo of the flaw: http://www.kriptopolis.com/cua/eml.html

Microsoft's Patch:
http://www.microsoft.com/technet/security/bulletin/ms01-020.asp

Alternate to IE:
http://ftp.mozilla.org/pub/mozilla/releases/mozilla0.8.1/mozilla-win32-0.8.1-talkback.zip


Regards,
Lokesh.

-- 
Cricket scoreboard for linux 
For more info, visit http://scoreboard.sourceforge.net

Follow-Ups:
- Re: Dangerous bug in IE
  - From: Neil

Prev by Subject: Re: Crosspost - Gates attempts to patent everything software
Next by Subject: Re: Dangerous bug in IE
Previous by thread: Re: PixelView + X ?
Next by thread: Re: Dangerous bug in IE
Index(es):
- Subject
- Thread