OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Win 2000 & IE 'shell://' problem?
From: office (officeSAPOSEN.COM)
Date: Sun Jun 11 2000 - 22:21:34 CDT


Hi

On *Japanese edition* of Windows 2000 and Internet Explorer, the shell://
problem was tested and reporded at the BBS,
http://www.office.ac/tearoom/noframe.cgi

The Result:

Vulnerable:
Windows 2000 5.00.2195 + IE 5.00.2920.0000
Windows 2000 5.00.2195 + IE 5.50.4030.2400
Windows 2000 5.00.2195 Service Pack 1, RC 1.59 + IE 5.00.2920.0000(128-BIT SP1)
Windows 2000 Server 5.00.2195 + IE 5.00.2195.0000
Windows 2000 Pro 5.00.2195 + IE 5.00.2920.0000
Windows 2000 Pro 5.00.2195 + IE 5.50.4030.2400

Unvulnerable:
Windows 2000 5.00.2195 Service Pack 1 + NetscapeNavigator 4.08
Windows NT Server 4.0 SP6a + IE 5.00.2919.6307
Windows NT4.0 SP6a 4.00.1381 + IE 5.50.4030.2400
Windows 98 Second Edition 4.10.2222 A + IE 5.50.4030.2400
windows 95 + Netscape Navigator 4.6

(windows 98 wasn't effected 30 minutes later)

Thanks to the cooperators of this report,
xcorp proc-xbigfoot.com
Kojima kjmrins.ryukoku.ac.jp
KuniG kunigsaposen.com
Hitomi hitomioffice.ac
5super 5superoffice.ac
aiai redstarorihime.net
Kagemaru
Iwaki
Shiran
Ohmura yutakatama.or.jp

--
office
http://www.office.ac/