Full Disclosure mailing list archives

Re: (no subject)

From: "morning_wood" <se_cur_ity () hotmail com>
Date: Sun, 22 Jun 2003 22:27:00 -0700

it a known exploit.
  ----- Original Message ----- 
  From: Muhstik Botha 
  To: full-disclosure () lists netsys com 
  Sent: Sunday, June 22, 2003 7:42 PM
  Subject: [Full-disclosure] (no subject)


  Hi,

      I just accessed a page which ejects my CD-ROM tray. Is this consider privacy or security breaching? I'm no expert 
on pertinent subject. For me, i don't like ppl be able to fool around with my CDROM tray when i open their website. Any 
comments? Thanks.

      I checked the site and it contains :

  <SCRIPT language=VBScript>
  <!--
  Set oWMP = CreateObject("WMPlayer.OCX.7" )
  Set colCDROMs = oWMP.cdromCollection
  if colCDROMs.Count >= 1 then
  For i = 0 to colCDROMs.Count - 1
  colCDROMs.Item(i).Eject
  Next ' cdrom
  End If
  -->
  </SCRIPT>

  Take care,

  muhstik



------------------------------------------------------------------------------
  Do you Yahoo!?
  SBC Yahoo! DSL - Now only $29.95 per month!

Current thread:

(no subject) cyn0n (Jun 18)
- Re: (no subject) Blue Boar (Jun 18)
- <Possible follow-ups>
- (no subject) Simon Lorentsen (Jun 18)
- (no subject) Muhstik Botha (Jun 22)
  - Re: (no subject) morning_wood (Jun 22)
  - Re: (no subject) Nick FitzGerald (Jun 23)
  - Re: (no subject) petard (Jun 23)
- (no subject) ATD (Jun 27)
- RE: (no subject) Schmehl, Paul L (Jun 27)