Full Disclosure mailing list archives
XP security hole uplddrvinfo.htm
From: lists.netsys.com () jscript dk (Thor Larholm)
Date: Tue, 10 Sep 2002 21:07:43 +0200
From: "Paul Tinsley" <Paul.Tinsley () phyve com> Excerpt from Gibson Research (http://grc.com/default.htm) Attention Windows XP Users This vulnerability allows the files contained in any specified directory on your system to be deleted if you click on a specially formed URL.
Credit due where credit is, Steve really should be crediting Shane Hird who discovered this vulnerability. You can see his post here: http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00224.html And you can try a proof-of-concept here: http://jscript.dk/2002/8/sec/xphelpdelete.html And you can see all of the 20 publicly known unpatched vulnerabilities in Internet Explorer here: http://www.pivx.com/larholm/unpatched/
Current thread:
- XP security hole uplddrvinfo.htm Paul Tinsley (Sep 10)
- XP security hole uplddrvinfo.htm Thor Larholm (Sep 10)
- <Possible follow-ups>
- XP security hole uplddrvinfo.htm Paul Tinsley (Sep 10)
- XP security hole uplddrvinfo.htm Georgi Guninski (Sep 10)
- XP security hole uplddrvinfo.htm gobbles () hush com (Sep 10)
- XP security hole uplddrvinfo.htm gobbles () hush com (Sep 10)