Re: A new security HOLE

---

• From: DevilsPGD <spam_narf_spam@xxxxxxxxxxxx>
• Date: Mon, 26 Mar 2007 13:07:04 -0600

---

In message <1174904883.644782.38620@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
ghaaaaaaz@xxxxxxxxx wrote:

i was building this page some time ago and found a vulnerablity in ie6
that lets browser load victim files . in this example windows's
default background file , C:\Documents and Settings\All Users\Documents
\My Pictures\Sample Pictures\sunset.jpg is loaded with an img tag.
http://d.1asphost.com/amar4 , this is for educational purposes only.

And?

Unless you can upload that file to the web server, or otherwise
distribute it or do something malicious, what's the issue?
--
Insert something clever here.
.

---

• References:
  • A new security HOLE
    • From: ghaaaaaaz

• Prev by Date: Re: user prompt credentials
• Next by Date: Re: what do I do?
• Previous by thread: A new security HOLE
• Next by thread: user account get locks frequently
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windows.server.security  > 2007-03