[Esd-l] Extensions to poison: .wmv and possibly .wma
John Hardin
jhardin at impsec.org
Fri Mar 22 21:28:01 PST 2002

On Fri, 2002-03-22 at 10:15, Brett Glass wrote:
> See the description below for details....
>
> --Brett Glass
>
> >GreyMagic Security Advisory GM#002-IE
> >By GreyMagic Software, Israel.
> >22 Mar 2002.
> >
> >WMV/WMA generally plays under Windows Media Player and has the ability to
> >include a form of script that lets developers control various aspects of the
> >movie.

wma and wmv have been added to the default MANGLE_EXTENSIONS list in the
development sanitizer. I really ought to do a release this weekend.

> > <!-- <DEFANGED_STYLE>
> >a, img { display:none; }
> > --> </DEFANGED_STYLE>
> >Hello, Eudora.
> ><DEFANGED_IMG dynsrc="file://C:/Progra~1/Qualcomm/Eudora/Attach/gmlaunch.wmv">

As you can see, this particular variant of exploit wouldn't work if
DEFANG_WEBBUGS is enabled.

Thanks, Brett.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at wolfenet.com
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
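
The two conditions discussed in this thread, a .wmv/.wma attachment and an HTML image tag that points at a local file: URL, expressed as a mail-scanning check. This is an added example in Python, not part of the original message and not the sanitizer's own code; the names POISONED_EXTENSIONS, URL_ATTRS, ImgScan and scan_message, and the sample message, are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

# Assumption: illustrative subset only; the sanitizer's real MANGLE_EXTENSIONS list is longer.
POISONED_EXTENSIONS = {"wmv", "wma"}
URL_ATTRS = {"src", "dynsrc", "lowsrc"}  # image-loading attributes checked for file: URLs
# Constructed sample message (not copied from the advisory).
SAMPLE = """\
From: sender@example.com
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="us-ascii"

<html><body>Hello.<img dynsrc="file://C:/example/Attach/sample.wmv"></body></html>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="sample.wmv"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

class ImgScan(HTMLParser):
    """Collect <img> attributes whose value is a local file: URL."""
    def __init__(self):
        super().__init__()
        self.hits = []
    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names before calling this.
        if tag != "img":
            return
        for name, value in attrs:
            if name in URL_ATTRS and (value or "").strip().lower().startswith("file:"):
                self.hits.append(("img-" + name, value))

def scan_message(raw):
    """Return (kind, detail) findings for one RFC 822 message given as text."""
    findings = []
    for part in message_from_string(raw, policy=policy.default).walk():
        name = part.get_filename() or ""
        if "." in name and name.rsplit(".", 1)[1].lower() in POISONED_EXTENSIONS:
            findings.append(("attachment", name))
        if part.get_content_type() == "text/html":
            scanner = ImgScan()
            scanner.feed(part.get_content())
            findings.extend(scanner.hits)
    return findings
```

Calling `scan_message(SAMPLE)` reports both the image tag and the attachment, so a filter built on it can quarantine or rewrite the message on either finding alone.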