Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] webmail password protection?
- Date: Thu, 26 Jan 2006 07:16:40 +0100
- From: Tobias Diedrich <ranma@example.com>
- Subject: Re: [tlug] webmail password protection?
- References: <528772B2-97EF-4EE9-A639-56D6D29A0EA8@example.com><1138171982.30076.252703504@example.com><878xt4btgy.fsf@example.com><d8fcc0800601250446l10d5237t@example.com><30ce84360601251541h7962c47fl@example.com>
- User-agent: Mutt/1.5.11
Ian Wells wrote: > Indeed. Wasn't there a security flaw which meant that (a) you could send an > event to get pretty much anything to execute untrusted code and (b) you > tried to send it to e.g. the virus scanner's UI, which was running priv'ed > at the time? The fix may have involved checking events properly in the > Windows application (possibly the library). > > This is all from memory, so probably distorted. No, it is quite correct I think. Although IIRC it had to be a textbox where you send the message. AFAICS this is similar to the WMF bug in that it stems back design decisions in the first versions of Windows runnning on pre-386 era processors. -- Tobias PGP: http://9ac7e0bc.uguu.de
- References:
- [tlug] webmail password protection?
- From: Jim Tittsler
- Re: [tlug] webmail password protection?
- From: David J Iannucci
- Re: [tlug] webmail password protection?
- From: Stephen J. Turnbull
- Re: [tlug] webmail password protection?
- From: Josh Glover
- Re: [tlug] webmail password protection?
- From: Ian Wells
- [tlug] webmail password protection?
- Prev by Date: Re: [tlug] 2G SD Card Adventures on a Zaurus
- Next by Date: [tlug] Hassle Free URL for Archives
- Previous by thread: Re: [tlug] webmail password protection?
- Next by thread: [tlug] Tired of losing contact data
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |