View Single Post
Old 22nd August 2004, 03:38   #7
shaneh
Major Dude
 
Join Date: Jan 2004
Location: Brisbane, Australia
Posts: 1,193
Yeah it is kindof an exploit in IE.. I am not sure if SP2 fixes this problem. However, I think it is a bit of an exploit on behalf of Winamp in that it allows all files contained within a .zip file to be copied to the local machine to a predictable location without prompts. This could be exploited in quite a number of ways...

Just restricting .exes wont fix it either, as .htas, .js, .bat etc could be abused too. Even .htm files can be dangerous when run from the local machine.

EDIT: I realised it doesnt put it in a predictable location, as it is extracted to a random temp directory. But nonetheless, downloading and saving arbritrary files to the local machine without prompting is not a terribly good idea.

As for below: You cannot inspect a .wsz file before it is downloaded and used. IE automatically downloads it and sends it to Winamp without any prompts, which then automatically extracts it and 'executes' it.

Last edited by shaneh; 22nd August 2004 at 05:56.
shaneh is offline   Reply With Quote