Lucene search
K

clsidext.txt

🗓️ 17 Apr 2001 00:00:00Reported by Georgi GuninskiType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 22 Views

Caution when double clicking files in Windows Explorer or Internet Explorer; risk of executing malware.

Code
` [email protected] Georgi Guninski security advisory #42, 2001  
  
Double clicking on innocent looking files may be dangerous  
  
Systems affected:  
Windows Explorer, Internet Explorer - Windows 98, 2000 - when browsing directories or shares  
  
Risk: High  
Date: 16 April 2001  
  
Legal Notice:  
This Advisory is Copyright (c) 2001 Georgi Guninski. You may distribute it unmodified.  
You may not modify it and distribute it or distribute parts of it without the author's  
written permission.  
  
Disclaimer:  
The information in this advisory is believed to be true based on experiments though it may be  
false.  
The opinions expressed in this advisory and program are my own and not of any company.  
The usual standard disclaimer applies, especially the fact that Georgi Guninski  
is not liable for any damages caused by direct or indirect use of the information  
or functionality provided by this advisory or program.  
Georgi Guninski bears no responsibility for content or misuse of this advisory or program or  
any derivatives thereof.  
  
Description:  
  
By double clicking from Window Explorer or Internet Explorer on filenames with innocent  
extensions the user may be tricked to execute arbitrary programs.  
  
Details:  
If the file extension is certain CLSID e.g.:  
testhta.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}  
then Windows explorer and IE do not show the CLSID and only the .txt extension,  
while the above file is in fact .hta file.  
Some exploit scenarios include leaving such malicous files on shared resources or  
sending them in archive by email.  
  
Workaround: Do not doubleclick from Windows Explorer or Internet Explorer  
  
Demonstration:  
http://www.guninski.com/testhta1.zip  
  
Vendor status:  
Microsoft was informed on 11 April 2001  
  
Regards,  
Georgi Guninski  
http://www.guninski.com  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation