Bugtraq mailing list archives

Re: IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE)


From: "Stefan Osterlitz" <stefan () osterlitz de>
Date: Fri, 1 Mar 2002 12:01:49 +0100

Solution:
=========

There is no configuration-tweaking workaround for this bug, it will work as
long as the browser parses HTML. The only possible solution must come in the
form of a patch from Microsoft.

IMHO this is wrong. You can disable the download of signed / unsigned
ActiveX controls.
My IE version 5.00.2614.3500 w/patches is not vulnerable with that setting.



Tested on:
==========

IE5.5sp2 Win98, all patches, Active scripting and ActiveX disabled.
IE5.5sp2 NT4 sp6a, all patches, Active scripting and ActiveX disabled.
IE6sp1 Win2000 sp2, all patches, Active scripting and ActiveX disabled.
IE6sp1 WinXP, all patches, Active scripting and ActiveX disabled.



