Re: ActiveX security hole reported.

• To: Gary Meltzer <garym@softshore.com.au>
• Subject: Re: ActiveX security hole reported.
• From: "Ray W. Hiltbrand" <Ray.W.Hiltbrand@Eng.Auburn.EDU>
• Date: Wed, 14 Aug 1996 14:12:36 -0500
• CC: Stephen Cobb <stephen@iu.net>, trei@process.com, www-security@ns2.rutgers.edu
• Organization: College of Engineering Auburn University
• References: <1.5.4.32.19960813215752.00592ca0@iu.net> <B0000005189@twice.softshore.com.au>

The difference is the page may say turn off your computer
but the active X "program" may be advertised itself
as something else such the next killer program or 
somethings along those lines.  



Gary Meltzer wrote:
> 
> On Tue, 13 Aug 1996 17:57:52 -0400, stephen@iu.net wrote:
> 
> >>Some guy has written an ActiveX control which crashes windoze95... I don't
> >>use windoze so can't try it, but if someone else is brave, I'd love to know
> >>if it works...
> >>
> >
> >Yes, it works, turns off the machine...quite impressive.
> 
> Which part do people find the most impressive? -
> that the Win95 shutdown API works as documented
> or that all these security experts are downloading and running
> software designed to do something they don't want?
> 
> How does this control differ from an HTML page that tells
> readers to turn the power switch off?
> 
> - G.

--
Ray W. Hiltbrand                Ray.W.Hiltbrand@eng.auburn.edu
Engineering Network Services
Auburn University     http://www.eng.auburn.edu/~rayh/rayh.htm
   If it doesn't do what you want, subclass and override.

• Re: ActiveX security hole reported.
• From: Stephen Cobb <stephen@iu.net>
• Re: ActiveX security hole reported.
• From: garym@softshore.com.au (Gary Meltzer)

• Previous: mailto:www-security@ns2.rutgers.edu
• Next: RE: Netscape is out of memory?
• Index(es):
  • Index
  • Thread