Full Disclosure mailing list archives
Re: Re: another filename bypass vulnerability - fromcmd.exe
From: Thierry Zoller <Thierry () Zoller lu>
Date: Fri, 18 Nov 2005 13:48:26 +0100
Dear barabas mutsonline, bm> Let's imagine there's an IE bug (quite hard to imagine, but ok) bm> .... bm> bm> adrianlima.gif and execute it using wsscript shell object run cmd /c adrianalima.gif (in vbs e.g.) bm> just a thought, haven't tested it nor have I written l33t PoC :p Thanks, nice, haven't thought of this :) -- http://secdev.zoller.lu Thierry Zoller _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: another filename bypass vulnerability - fromcmd.exe barabas mutsonline (Nov 18)
- Re: Re: another filename bypass vulnerability - fromcmd.exe Thierry Zoller (Nov 18)