BUG FIX Remote compromise of Internet Explorer Service Pack 2 XP SP2

["Michael Evanchik" <Mike () MichaelEvanchik com>]

Had a mistake in my code o well.  Works now

PoC: http://www.michaelevanchik.com/security/microsoft/ie/xss/index.html

http://www.michaelevanchik.com/security/microsoft/ie/xss/writehta.txt <--  avp's should add this



Here is some new adodb code AVP's should add.  No longer needed to connect to external source.  Malicious recordset can 
be built locally.


www.michaelevanchik.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html