From: Robin (robin@kallisti.net.nz)
Date: Fri Jan 06 2006 - 20:22:10 EST
On Saturday 07 January 2006 08:54, Brady McClenon wrote:
> to begin with?!? Obviously the user interacted with it at some point
> in the past in order to put it there. The exploit would have occurred
> at that point, not when the file indexer finds it later!
Not necessarily. I don't know if it's still the case, but Eudora used to
automatically save all attachments to a directory as they were received.
I'd imagine that would be a nice and handy vector. Also, if Google
Desktop should index browser caches, and the file was somehow safely
downloaded by the browser, then it could potentially hit there. There are
probably many other instances of apps automatically downloading and
saving files in a 'safe place'.
-- Robin <robin@kallisti.net.nz> JabberID: <eythian@jabber.kallisti.net.nz> Hostes alienigeni me abduxerunt. Qui annus est? PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8 7175 14D3 6485 A99C EB6D
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:19 EDT