
Re: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

From: morning_wood <se_cur_ity@hotmail.com>
Date: Sun Feb 15 2004 - 22:23:06 EST

> please enlighten us on your versions numbers / patch levels wood.
> -KF
>
>
> morning_wood wrote:
> > Dunno but your message crashes OE on (pre)view.
> > no warning, no nothin... OE just *bink* closes
> > NICE JOB gta@hush.com.
> >

Symptoms were reported using the following:

Windows XP Pro ( Gold SP0 )
OE Version = 6.00.2600.0000(xpclient 010817-1148)

dll's not matching version sig:

csapi3t1.dll <unknown>
mshtml.dll 6.00.2734.1600
msoe.dll 6.00.2720.3000
msoeacct.dll 6.00.2800.1123
msoert2.dll 6.00.2800.1123
ole32.dll 5.1.2600.115(xpclient_qfe.021108-2107
riched20.dll 5.30.23.1210
riched32.dll 5.1.2600.0(xpclient 010817-1148)
wab32.dll <unknown>
wab32res.dll <unknown>

note: I was forced to go to hotmail via the web interface,
 and manually delete the message to restore function.

further, my "Security" tab in options is set to "Internet Zone"
( less secure ) on the account in question.

 One more note of observance in OE6, each account can be independently
set for "security" zones even in a single user machine. I now check
"security" settings on every account per machine ( not user login ) ,
however I have not noted if the settings are inherited from the current
IE security settings at the time of account creation ( but would explain
my different settings across 6 accounts on a single user box ).

Donnie Werner
http://exploitlabs.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Sun Feb 15 23:14:50 2004

This archive was generated by hypermail 2.1.8 : Mon Feb 16 2004 - 00:01:25 EST
