[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: shell:windows

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Re: shell:windows
From: Nick Eoannidis <nikon@xxxxxxxxxxxxxxxxxxxx>
Date: Sun, 11 Jul 2004 09:43:26 +0800

Larry Seltzer
eWEEK.com Security Center Editor --

buddy, the shell:windows URI handler was disabled in IE ages ago!
The fact it can be crafted into an exploit for Mozilla! is the issue
here.
Of course it wont work on your IE your probably patched to the max!
Mozilla just forgot to disable access to this URI due to the fact
that mozilla was first built for nix and not windoze.
All versions of mozilla have been fixed now

Nikon
Xillion Computers
Trust your Technolust
http://www.xillioncomputers.com
nikon@xxxxxxxxxxxxxxxxxxxx

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: [Full-Disclosure] Re: shell:windows
  - From: Barry Fitzgerald

Prev by Date: Re: [Full-Disclosure] MicroSopht IE (on XPee only) launches messenger by callto:gates or outlook by outlook:calendar protocols
Next by Date: RE: [Full-Disclosure] MicroSopht IE (on XPee only) launches messenger by callto:gates or outlook by outlook:calendar protocols
Previous by thread: RE: [Full-Disclosure] MicroSopht IE (on XPee only) launches messenger by callto:gates or outlook by outlook:calendar protocols
Next by thread: Re: [Full-Disclosure] Re: shell:windows
Index(es):
- Date
- Thread