Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Another IE Exploit » Scary!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:
IE all the way »
« Great slashdot quotes  
AuthorAll Replies


Nam Vet
Premium
join:2001-12-03
Allentown, PA

2 edits		reply to tc17
Re: Scary!

Click for full size
I E 6
Click for full size
FIREBIRD
I'll say your missing something!
yes it is a html file but you are led to believe its a pdf!

it's the download dialog box that is not letting you know the correct file type!
if you chose to open this file thinking its a pdf does acrobat reader open? NO!!!

Although if you download the file (at least in the case of this exploit demo) and then try to open it windows now thinks its a pdf because of its extension.

so after downloading it when you try to open it acrobat reader opens but you get an error message either because its zero bytes or because its an html file.

If the demo actually was not zero bytes and you did download an html file either windows explorer would append the correct extension to the file(maybe) or if it still said it was a pdf then acrobat would try to open it but you would get an error message (from acrobat reader) that the file was an invalid format.

using a zero byte file for this demo was not the right thing to do, however the demo is correct in pointing out that the IE download dialog box shows an incorrect extension or does not reveal (NOTE THE EMPTY "FILE TYPE" LINE) The correct file type

btw using firebird is not the same thing!
it's download dialog box lets you know its an html file!
--
H O W T R U E : If you want something done, ask a busy person to do it
to forum · permalink · · 2004-01-30 06:17:37 · Reply to this
Forums » Another IE ExploitIE all the way »
« Great slashdot quotes  

Wednesday, 02-Dec 06:14:59 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [151] Comcast Releasing Promised Usage Meter
· [69] Baltimore To Ban Lazy Cable Installs
· [56] Broadband Killed The Game Console
· [55] Latest Consumer Reports Survey Not Kind To AT&T
· [52] Rogers Unveils The ISP Dream Model
· [44] ACTA: Global Three Strikes
· [41] Rural Carriers Quickly Embracing Fiber
· [35] Charter Exits Chapter 11
· [33] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [26] Vivendi Agrees, Comcast/NBC Deal Soon
Most people now reading
· [Newsgroups] Newzleech down? [Filesharing Software]
· Windows 7 boot manager editing questions [Microsoft Help]
· Security Software Updates - 1 Dec 2009 [Security]
· [Newsgroups] Newzleech is either down or gone for good... [Filesharing Software]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· [WIN7] Outlook express under Windows 7? [Microsoft Help]
· [Snow Leopard] NFS Mounts - no more Directory Utility [All Things Macintosh]
· [Scam] Cruise line mail? [Spam, Scam and Phishbusters]