[Esa-l]IMPSEC works - or does it.

John D. Hardin jhardin at impsec.org
Fri May 18 06:43:12 PDT 2001

On Fri, 18 May 2001, Howard Lowndes wrote:

> I assume that php used file magic to determine what the file type
> was and was able to display the spreadsheet because it clearly did
> not use the file name extension and the MIME type was
> application/octet-stream.

Running on a *nix box, that's a safe assumption.

> What concerns me is whether any macros would have been executable
> had they been embedded.

Did it just render the spreadsheet, or did Excel actually get started
on the client's computer (perhaps embedded in their browser)? If the
latter, then yes, macros probably would get executed.

In this case there's little the sanitizer could do.

Does anybody know of a strip-VBA-from-MS-Office-Documents perl module?

 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  An entitlement beneficiary is a person or special interest group
  who didn't earn your money, but demands the right to take your
  money because they *want* it.
                                  -- John McKay, _The Welfare State:
                                     No Mercy for the Middle Class_
   1264 days until the Presidential Election

More information about the esd-l mailing list