Would you like to make this site your homepage? It's fast and easy...
Yes, Please make this my home page!
the contents of messages you receive and forward. Details are published
on the Wired website in the following articles:
A single person using an email client that supports HTML mail can mean
your email is being read by unauthorized parties.
The Business Section (Section C) of the January 29 or February 5, 2001'th's
New York Times entitled "A new Trick Gives Snoops Easy Access To E-Mail".
a copy of every reply or forward to an email address specified by the originator.
who clicks "Reply" or "Forward" can continue the chain. A similar
article was published in the Denver Post.
Aspects of the vulnerability
There are two aspects to the vulnerability:
Will your system execute the code and send the message to the wire tap?
you reply to or forward the email?
EMail Clients Affected
Outlook, Outlook Express and Netscape 6 all have this security hole. To
EMail. However, that's not the end of the story, if your email client doesn't
then your comments could be "wire tapped".
There are demonstration
pages available to see if you are potentially affected by this vulnerablity.
I am not aware if they test for the propogation of the virus or just whether
your client is vulnerable.
Foundation for users of:
My tests indicate that the Poco is both immune from and does not
||"Will Poco pass along the wiretapping script without executing it?"|
|Slaven's response was:|
||"Definitely not, unless the message as a whole is somehow saved, then sent as an