Full Disclosure mailing list archives
Re: CD-ROM drive opens
From: "Thor Larholm" <thor () pivx com>
Date: Thu, 26 Jun 2003 13:02:13 +0200
From: "Thor Larholm" <thor () pivx com>
Windows Media Player exposes several objects and methods to scripting through a safe-for-scripting, signed ActiveX control. Among those objects are the CD drive objects, which each have an Eject method. This is documented functionality in WMP, if you want to you can easily push the drive in and out in a constant cycle. If you don't like the features then don't use the product :) I remember people asking questions about ejecting CD drives back in 2000, and remember putting up an example in early 2001 ( http://jscript.dk/2001/3/cdrom.jpg ).
Though undocumented currently, I can now confirm that Microsoft has removed this functionality through the recently released MS03-021 bulletin. http://www.microsoft.com/technet/security/bulletin/MS03-021.asp MS03-021 fixes a vulnerability found by jelmer, as well as removing the ability to eject CD drives from webpages. Regards Thor Larholm PivX Solutions, LLC - Senior Security Researcher _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: CD-ROM drive opens Treu, Jill (Jun 25)
- Re: CD-ROM drive opens Thor Larholm (Jun 25)
- Re: CD-ROM drive opens Thor Larholm (Jun 26)
- RE: CD-ROM drive opens Nick FitzGerald (Jun 25)
- Re: CD-ROM drive opens Thor Larholm (Jun 25)