Full Disclosure mailing list archives

Re: Microsoft Internet Explorer Local File Accesses Vulnerability

From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 19 Feb 2007 23:47:47 +0100 (CET)

On Tue, 20 Feb 2007, Rajesh Sethumadhavan wrote:

Microsoft Internet Explorer is a default browser bundled with all
versions of Microsoft Windows operating system.


Any luck with sending the data back to the attacker? SCRIPT and STYLE ones
can be used to steal data from very specifically formatted files, but
that's not a whole lot.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Microsoft Internet Explorer Local File Accesses Vulnerability Rajesh Sethumadhavan (Feb 19)
- Re: Microsoft Internet Explorer Local File Accesses Vulnerability Michal Zalewski (Feb 19)
  - Re: Microsoft Internet Explorer Local File Accesses Vulnerability Peter Dawson (Feb 19)
    - Re: Microsoft Internet Explorer Local File Accesses Vulnerability Michal Zalewski (Feb 20)
- Re: Microsoft Internet Explorer Local File Accesses Vulnerability [7244ks] Microsoft Security Response Center (Feb 19)
- Re: Microsoft Internet Explorer Local File Accesses Vulnerability pdp (architect) (Feb 20)