Microsoft Windows Shell CLSID File Extension Misrepresentation Vulnerability

The following example was provided:

Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-
11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"

A proof-of-concept page was also published at the following location:

http://www.malware.com/gooroo.html


 

Privacy Statement
Copyright 2010, SecurityFocus