[funsec] 2 critical vulns and the clock is ticking..[Fwd:
[EEYEB-2000801]]
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Tue Jan 10 23:34:52 CST 2006
On Tue, 10 Jan 2006 22:10:49 EST, "Richard M. Smith" said:
> Thanks for the background. Is there anyway to find out all the flavors of
> MIME types that Outlook and Outlook Express will accept as email messages?
Probably not. I suspect that LookOut! and friends will accepted almost
anything and try to display or execute it, even if it is a bad idea.
Hell, at one point, IE was perfectly willing to be handed a file called
'foo.jpg', and server typed as an image/jpeg, and *still* search the file
for Javascript to execute. Gaak.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://linuxbox.org/pipermail/funsec/attachments/20060111/cecba37a/attachment.pgp
More information about the funsec
mailing list