|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: .MHT Buffer Overflow in Internet Explorer
http-equiv
excite.com
Date: Tue Mar 11 2003 - 11:13:21 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
<!--
The following sample format contains malformed MIME header along with
the Base64 encoded executable.
----------------------------------------------
MIME-Version: 1.0
------=_NextPart_000_0000_01C2E1F4.0D559EA0
Content-Location:file:///tomatell.exe
Content-Transfer-Encoding: base64
TVpQ
----------------------------------------------
-->
Excellent!
Yes, there has always been something suspicious about that spot.
Simply writing the word [header] GIF89a in the same spot will create
an empty image container:
------phuquedup.mhtml-----
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
GIF89a
------phuquedup.mhtml-----
End Call
--
http://www.malware.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]