|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Young, Brandon (Brandon.Young_at_Honeywell.com)
Date: Tue Oct 01 2002 - 18:58:51 CDT
All,
Has anyone tested this to determine if this exploit (http://online.securityfocus.com/archive/1/289268 ) will insert the
whole file or just it's contents. To be more specific, would it be possible to use this exploit to get an end user to
send you a copy of their PWL or SAM file (from repair directory)?
From the information I have seen, it is unclear as to exactly how the content is attached to the malicious document,
whether it is only including a copy of the actual text or of it is treating the file as an attachment. I plan to test
this next week (hopefully) but thought I'd check to see if any of you have beaten me the punch.
Thanks,
Brandon
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]