Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CD-ROM drive opens

From: "Thor Larholm" <thor () pivx com>
Date: Thu, 26 Jun 2003 13:02:13 +0200
From: "Thor Larholm" <thor () pivx com>

Windows Media Player exposes several objects and methods to scripting
through a safe-for-scripting, signed ActiveX control. Among those objects
are the CD drive objects, which each have an Eject method. This is
documented functionality in WMP, if you want to you can easily push the
drive in and out in a constant cycle.

If you don't like the features then don't use the product :)

I remember people asking questions about ejecting CD drives back in 2000,
and remember putting up an example in early 2001 (
http://jscript.dk/2001/3/cdrom.jpg ).


Though undocumented currently, I can now confirm that Microsoft has removed
this functionality through the recently released MS03-021 bulletin.

http://www.microsoft.com/technet/security/bulletin/MS03-021.asp

MS03-021 fixes a vulnerability found by jelmer, as well as removing the
ability to eject CD drives from webpages.



Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: