Re: Rather large MSIE-hole
From: Slow2Show (sl2sho@yahoo.com)
Date: 03/15/02
- Previous message: jon schatz: "Re: Rather large MSIE-hole"
- Maybe in reply to: Magnus Bodin: "Rather large MSIE-hole"
- Next in thread: John Swensson: "RE: Rather large MSIE-hole"
Date: 15 Mar 2002 00:04:20 -0000
From: Slow2Show <sl2sho@yahoo.com>
To: vuln-dev@securityfocus.com
In-Reply-To: <3C911CA2.90409@snosoft.com>
>Another thought... will this bug run an executable
>from a web page? If so you could just make your
>own binary to do whatever you wanted. Like
>http://mysiteathome.com/malware.exe or something
>along those lines. I would HOPE that it asks to save
>the file to disk or even better ignore it altogether.
tested on XPPro, IE6 latest patches
here are my original ActiveX medium settings::
dl signed activex=prompt
dl unsigned activex=disable
init & script unsafe controls=disable
run activeX=enable
init & script safe controls=enable
if you use 'http://mysiteathome.com/malware.exe'
you get an error stating 'your current security settings
prohibit running activex...etc.'
if you use 'www.mysiteathome.com/malware.exe' it
just doesn't work period
I then changed to these low settings::
dl signed activex=enable
dl unsigned activex=prompt
init & script unsafe controls=prompt
run activeX=enable
init & script safe controls=enable
and I was then prompted if I would like to install and
run the exe file
so that is good...even on the lowest security setting it
doesn't work BUT...if you change dl unsigned
activex=enable then IE6 will run code from another
webserver on the local machine!!!!
lata,
-Slow2Show-
University of Florida
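
An added example, not part of the original post: a Python check that reads the five zone settings discussed in the message from `reg query` output and flags the one state the post found to run code without a prompt. The registry path, the URL action numbers (1001, 1004, 1200, 1201, 1405), the value encoding (0/1/3) and the sample output are assumptions supplied here, not taken from the message.

```python
import re

# Labels as written in the post, keyed by Internet Explorer URL action number
# (numbers are an assumption added here; the post names the settings only).
ACTIONS = {
    "1001": "dl signed activex",
    "1004": "dl unsigned activex",
    "1200": "run activeX",
    "1201": "init & script unsafe controls",
    "1405": "init & script safe controls",
}
POLICY = {0: "enable", 1: "prompt", 3: "disable"}

# Constructed sample: `reg query` output for the Internet zone with the last
# configuration described in the post (dl unsigned activex=enable).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
    1001    REG_DWORD    0x0
    1004    REG_DWORD    0x0
    1200    REG_DWORD    0x0
    1201    REG_DWORD    0x1
    1405    REG_DWORD    0x0
"""

VALUE_LINE = re.compile(r"^\s+([0-9A-Fa-f]{4})\s+REG_DWORD\s+0x([0-9A-Fa-f]+)\s*$")

def parse_zone(text):
    """Return {action number: DWORD value} for the settings named in the post."""
    settings = {}
    for line in text.splitlines():
        match = VALUE_LINE.match(line)
        if match and match.group(1) in ACTIONS:
            settings[match.group(1)] = int(match.group(2), 16)
    return settings

def describe(settings):
    """Render the values in the post's own 'setting=policy' wording."""
    return [f"{ACTIONS[c]}={POLICY.get(v, hex(v))}" for c, v in sorted(settings.items())]

def audit(settings):
    """Flag the state the post reports as running remote code with no prompt."""
    if settings.get("1004") == 0:
        return ["dl unsigned activex=enable: unsigned code is fetched and run without a prompt"]
    return []

if __name__ == "__main__":
    zone = parse_zone(SAMPLE)
    print("\n".join(describe(zone) + audit(zone)))
```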