[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[VulnWatch] xp sp2 weaknesses

To: vulnwatch@xxxxxxxxxxxxx
Subject: [VulnWatch] xp sp2 weaknesses
From: "Richie B." <richie@xxxxxxxxxxxxxxxx>
Date: Wed, 18 Aug 2004 10:20:53 +0200

I haven't seen this report here yet.

Flaws in SP2 security features
==============================

1) The command shell cmd.exe ignores the ZoneID of files.
2) Windows Explorer caches the result of ZoneID lookups. If a file is
overwritten, Explorer does not properly update this cached information
to reflect the new ZoneID. This allows spoofing of trusted or
non-existant ZoneIDs by overwriting files with trusted or non-existent
ZoneIDs.

URL: http://www.heise.de/security/artikel/50051

Cheers,

Richie

Follow-Ups:
- Re: [VulnWatch] xp sp2 weaknesses
  - From: hellNbak

Prev by Date: [VulnWatch] Opera Local File/Directory Detection (GM#009-OP)
Next by Date: [VulnWatch] Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability
Previous by thread: [VulnWatch] Opera Local File/Directory Detection (GM#009-OP)
Next by thread: Re: [VulnWatch] xp sp2 weaknesses
Index(es):
- Date
- Thread