Title: Incredimail allows automatic overwriting of files on your hard disk
Release Date: 05/08/2001
Platform: Windows NT4
Build: 1400185 .. possibly earlier builds as well
Severity: Malicious users can easily overwrite system files.
Author: Obscure^ [email@example.com]
Vendor Status: Informed on 08 May 2001, issued a fix on 17th May 2001.

IncrediMail is an advanced email program that offers you, the user, an unprecedented interactive experience. IncrediMail you can tailor your emails according mood and personality. Visual effects will entertain every sense. Go ahead. Express yourself like you

My comments: Incredimail does really look quite cool, with animations similar to the e-mail on Mission Impossible, plus it's free.

Users can specify the filename of the skin, notifier, animation etc. This is specified in a text file called Content.ini, found in the compressed skin or animation. By appending the traditional dot dot to the filename, malicious users can easily overwrite any files on the same partition Incredimail is installed to.

The file is automatically downloaded and copied to the client machine when it accesses a site or e-mail which starts a download for the Incredimail file. If the file already exists it tries to overwrite it.
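
One way a client could validate the filenames read from Content.ini before copying anything to disk (an added example, not code from the advisory or from Incredimail). The install directory, the [Skin] section and the key names are assumptions, since the advisory does not show the file's layout.

```python
import configparser
import ntpath  # Windows path rules, so the check behaves the same on any host

# Assumed install location; the advisory only says the file lands on the
# partition Incredimail is installed to.
BASE_DIR = r"C:\Program Files\IncrediMail\Skins"

# Constructed sample. The advisory does not show Content.ini's layout, so the
# [Skin] section and its key names are assumptions for illustration.
SAMPLE_CONTENT_INI = r"""
[Skin]
SkinFile = blue_sky.skn
Notifier = ..\..\..\Obscure.dat
Animation = C:\Obscure.dat
Sound = sounds/../chime.wav
"""

def safe_target(base_dir, name):
    """Return the path under base_dir that name resolves to, or raise ValueError."""
    if ":" in name or name.startswith(("\\", "/")):
        raise ValueError("absolute path, drive letter or stream name")
    base = ntpath.normpath(base_dir)
    # normpath collapses "..", so compare where the name really ends up.
    target = ntpath.normpath(ntpath.join(base, name))
    inside = ntpath.commonpath([base.lower(), target.lower()]) == base.lower()
    if not inside or target.lower() == base.lower():
        raise ValueError("does not resolve to a file inside the install directory")
    return target

def review_content_ini(text, base_dir=BASE_DIR):
    """Map every file entry in a Content.ini to ("ok", path) or ("rejected", why)."""
    parser = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    parser.read_string(text)
    results = {}
    for section in parser.sections():
        for key, name in parser.items(section):  # keys come back lower-cased
            try:
                results[key] = ("ok", safe_target(base_dir, name))
            except ValueError as exc:
                results[key] = ("rejected", str(exc))
    return results

if __name__ == "__main__":
    for key, verdict in review_content_ini(SAMPLE_CONTENT_INI).items():
        print(key, *verdict)
```

A loader that accepts the resolved path should also create the file in exclusive mode (`open(path, "xb")` in Python), so that an existing file is never silently replaced.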

See the exploit example. This webpage will simply create a file on C: (depends on which partition you installed Incredimail) named Obscure.dat.

The information within this document may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any arising out of or in connection with the use or spread of this information. Any use of this information lays within the user's

Please send suggestions, updates, and comments to: Eye on Security