Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: Bush2000
You're either lying -- or you're tuning the sample to your config.

I'm doing neither. I'm simply running the demo:

http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

If I understand it correctly, they are claiming that you can be led to believe you are opening a PDF file, instead of something else.

The demo actually opens an HTML file. But, it could just as easily be an executable. If I can figure out all the details, I'll create a better demo.

BTW, Mozilla Firebird will do something similar, with one exception: it will tell you that you are opening an HTML file, rather than a PDF file. Since Firebird will warn you separately about opening an executable file, the protection is a little better, but not foolproof for people that open attachments in email from unknown senders.

27 posted on 01/28/2004 2:16:13 PM PST by justlurking


To: All
A bit of additional info: the Adobe Acrobat plugin is usually launched immediately when one clicks on a PDF link.

However, this exploit prompts you for the download, which is unusual behavior if you recognize it. The issue seems to be the ability to obscure the true type of the file being downloaded.

30 posted on 01/28/2004 2:35:31 PM PST by justlurking



FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson