Full Disclosure mailing list archives
RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV
From: <tlarholm () pivx com>
Date: Fri, 2 Jan 2004 11:37:46 -0800
Naturally, this only works from a local security zone such as the My Computer zone. You cannot exploit the Shell.Application object from the Internet Zone where you get an explanatory "Permission Denied" error. This eases the process of abusing local security zone privileges but does not change that you could already download and execute files when inside a local security zone. If you want to "exploit" this from the Internet Zone you still need to rely on yet another cross-domain vulnerability to gain access to the My Computer zone where you could already use ADODB and codeBase to execute files. One more way to do the same, but definitely a more explanatory and simplistic approach ;) Naturally, locking down the My Computer zone prevents this exploit from working - personally, I would recommend installing Qwik-Fix and forget about command execution vulnerabilities in IE :) Regards Thor Larholm Senior Security Researcher PivX Solutions 24 Corporate Plaza #180 Newport Beach, CA 92660 http://www.pivx.com thor () pivx com 949-231-8496 PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of Qwik-Fix <http://www.qwik-fix.net> -----Original Message----- From: http-equiv () excite com [mailto:1 () malware com] Sent: Thursday, January 01, 2004 2:42 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV <snip http://lists.netsys.com/pipermail/full-disclosure/2004-January/015144.ht ml> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV http-equiv () excite com (Jan 01)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Erik van Straten (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV morning_wood (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Jelmer Kuperus (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Will Image (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV morning_wood (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Thor Larholm (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV morning_wood (Jan 02)
- RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Bojan Zdrnja (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Erik van Straten (Jan 02)
- <Possible follow-ups>
- RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV tlarholm (Jan 02)
- RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV tlarholm (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV http-equiv () excite com (Jan 02)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV JacK (Jan 03)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV John Bisley (Jan 05)
- RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV tlarholm (Jan 05)