{"id":15565,"date":"2011-09-21T09:15:00","date_gmt":"2011-09-21T07:15:00","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=15565"},"modified":"2011-09-21T09:15:00","modified_gmt":"2011-09-21T07:15:00","slug":"microsoft-vulnerability-now-served-with-plain-text-files","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2011\/09\/21\/microsoft-vulnerability-now-served-with-plain-text-files\/","title":{"rendered":"Microsoft vulnerability, now served with plain text files"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p>It is the year 2011 and we learn that even <a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms11-071\">opening plain text files in Microsoft Windows is not as safe<\/a> as you thought.<\/p>\n<blockquote><p>The vulnerability could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.<\/p><\/blockquote>\n<p>You&#8217;ve got all your buzz words here: remote code execution; legitimate rich text, text, or Word document; network directory; local user rights, etc. \u00a0It&#8217;s good to know that it&#8217;s fixed. \u00a0Yet it&#8217;s still worrying as to what else is there &#8230;<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>It is the year 2011 and we learn that even opening plain text files in Microsoft Windows is not as safe as you thought. The vulnerability could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same &hellip; <a href=\"https:\/\/mamchenkov.net\/wordpress\/2011\/09\/21\/microsoft-vulnerability-now-served-with-plain-text-files\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Microsoft vulnerability, now served with plain text files<\/span><\/a><\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,133,62],"tags":[2077,200],"keyring_services":[],"class_list":["post-15565","post","type-post","status-publish","format-standard","hentry","category-general","category-sysadmin","category-technology","tag-microsoft-windows","tag-security"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":7494,"url":"https:\/\/mamchenkov.net\/wordpress\/2004\/05\/10\/vim-for-perl-developers\/","url_meta":{"origin":15565,"position":0},"title":"Vim for Perl developers","author":"Leonid Mamchenkov","date":"May 10, 2004","format":false,"excerpt":"This is my attempt to provide a clear and simple instructions on adopting Vim text editor for programming needs. I am using Perl as the programming language in the examples, but most of this document will apply equally for any other programming language. Update: This post was translated into Portuguese\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":22331,"url":"https:\/\/mamchenkov.net\/wordpress\/2014\/08\/05\/textract-extract-text-from-any-document\/","url_meta":{"origin":15565,"position":1},"title":"textract &#8211; extract text from any document","author":"Leonid Mamchenkov","date":"August 5, 2014","format":"link","excerpt":"textract - extract text from any document. \u00a0Currently supports\u00a0.doc, .docx, .eml, .json, .html, .pptx, .pdf, and .txt.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":14521,"url":"https:\/\/mamchenkov.net\/wordpress\/2011\/03\/09\/chmod-text-modes\/","url_meta":{"origin":15565,"position":2},"title":"chmod text modes","author":"Leonid Mamchenkov","date":"March 9, 2011","format":false,"excerpt":"I came across this blog post which praises text modes for \/bin\/chmod. There are two ways you can change file permissions in Unix - one is using\u00a0chmod's symbolic (text) modes (like\u00a0chmod ug+x file), the other is using the octal modes (like\u00a0chmod 0660 file). It turns out that symbolic modes are\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7374,"url":"https:\/\/mamchenkov.net\/wordpress\/2004\/03\/23\/what-does-the-applicationmsword-antiword-mean-in-the-mailcap-file\/","url_meta":{"origin":15565,"position":3},"title":"What does the &#8220;application\/msword antiword&#8221; mean in the mailcap file?","author":"Leonid Mamchenkov","date":"March 23, 2004","format":false,"excerpt":"\"mailcap application\/msword antiword\" Mailcap file (usually \/etc\/mailcap or ~\/.mailcap) is the file, which is used by many email clients. This file specifies how application, such as email client, should handle a certain type of file (usually attachment). If mailcap contains the line which looks like application\/msword; antiword %s , then\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9073,"url":"https:\/\/mamchenkov.net\/wordpress\/2005\/06\/14\/sending-bulk-html-emails-with-perl\/","url_meta":{"origin":15565,"position":4},"title":"Sending bulk HTML emails with perl","author":"Leonid Mamchenkov","date":"June 14, 2005","format":false,"excerpt":"First of all, I have to warn you that using HTML in emails is almost always inappropriate. Use plain text. If you have to send HTML, than send it as an attachment. For those cases, where HTML message has to be sent and there is no choice in the matter,\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8319,"url":"https:\/\/mamchenkov.net\/wordpress\/2004\/12\/10\/disappearing-files\/","url_meta":{"origin":15565,"position":5},"title":"Disappearing files","author":"Leonid Mamchenkov","date":"December 10, 2004","format":false,"excerpt":"Some known facts can use more reminders... Fedora Core Linux 2, as well as many other Linux and Unix machines, has a script (\/etc\/cron.daily\/tmpwatch) that is regularly executed by cron, which goes around your temporary directories and removes old files. This is a very useful utilty which helps to keep\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/15565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=15565"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/15565\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=15565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=15565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=15565"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=15565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}