Re: Internet Explorer Code Execution Bypass Vulnerability

[<cmthemc () yahoo com>]

In-Reply-To: <20041217170337.26668.qmail () www securityfocus com>

Hello,
  I'm a little bit confused as to why you would classify this as a "vulnerability" -- or even relate it to internet 
explorer at all... I think you have confused the simple html parsing of Active Desktop with microsoft internet 
explorer... however, what you have listed as an "avoid/overrun/bypass" to the "new protection(?)" on "IE (winxp sp2)", 
is neither an avoid, overrun, or bypass. When the html with js code is executed from within ie, sp2 still performs its 
magic. I'm afraid this was a weak attempt to get your name on the board.

-cmthemc

> Last week I discovered a vulnerability to avoid/overrun/bypass the new protection for Local JS Execution on IE (winxp 
> sp2)
>
> --cut here--
>
> &lt;script&gt;
> window.alert("Example Exploit");
> &lt;/script&gt;
>
> --cut here--
>
> (Copy and paste into your Notepad and save it as EXAMPLE.HTM)
>
> If you open EXAMPLE.HTM, your IE blocks this code and shows a yellow bar over the webpag.
>
> But I discovered a vulnerability to allow Local JS Code to execute on IE, the exploit is:
>
> "Go to Control Panel / Display Config and set as the desktop background the example webpage (EXAMPLE.HTM), once this 
> is done, the code will be executed without showing any warning in IE"
>
> ----------------------
>
> My Webpag:  www.madantrax.cjb.net
> My ClanWeb: www.darknessteam.com
> ForumClan:  foro.darknessteam.com