[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- To: "Alexander Sotirov" <asotirov@xxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: "Larry Seltzer" <Larry@xxxxxxxxxxxxxxxx>
- Date: Tue, 3 Apr 2007 22:41:03 -0400
>>Larry, why are you so curious about how this exploit works?
Because the Firefox docs say they don't support ANI files for cursors
and I can't get any non-malicious ones to work in it. I have to admit
I'm having trouble getting them to work in IE now too.
What's wrong with this code?
<HTML>
<BODY>
<style type="text/css">
BODY{cursor: url(http://www.larryseltzer.com/DRUM.ANI);}
</style>
This is a harmless animated cursor.<br>
This is a harmless animated cursor.<br>
This is a harmless animated cursor.<br>
This is a harmless animated cursor.<br>
</BODY></HTML>
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry%5Fseltzer/
Contributing Editor, PC Magazine
larryseltzer@xxxxxxxxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/