Vulnerability Development mailing list archives

Re: Disabling the MSIE hole.

From: Magnus Bodin <magnus () bodin org>
Date: Wed, 13 Mar 2002 17:51:38 +0100

On Wed, Mar 13, 2002 at 11:46:27AM -0500, leon wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I thought just turning of active scripting fixes the hole?


Yes. Turning off active scripting fixes it.


Here is a test-URL for those who got the code mangled:

(IT DOES NOT run logoff.exe, but calc.exe, i.e. mostly harmless)


        <http://x42.com/test/calc.jpg>


/magnus

-- 
Word of the week: shou tào (mittens) 
   <http://x42.com/i/cn/pct/shou_tao.jpg>

Current thread:

Rather large MSIE-hole Magnus Bodin (Mar 12)
- Re: Rather large MSIE-hole Jon Zobrist (Mar 12)
- Disabling the MSIE hole. Suresh P (Mar 12)
  - Re: Disabling the MSIE hole. Bob at firstcodings (Mar 13)
  - RE: Disabling the MSIE hole. leon (Mar 13)
    - Re: Disabling the MSIE hole. Magnus Bodin (Mar 13)
- Re: Rather large MSIE-hole Magnus Bodin (Mar 12)
  - Re: Rather large MSIE-hole NyQuist (Mar 13)
    - Re: Rather large MSIE-hole NoCoNFLiC (Mar 13)
    - Re: Rather large MSIE-hole methodic (Mar 14)
    - Re: Rather large MSIE-hole Felipe Franciosi (Mar 14)
    - Re: Rather large MSIE-hole KF (Mar 14)
    - Re: Rather large MSIE-hole jon schatz (Mar 14)
    - Re: Rather large MSIE-hole NoCoNFLiC (Mar 15)
- FW: [Re: Rather large MSIE-hole] another variant NoCoNFLiC (Mar 15)
  - Re: [Re: Rather large MSIE-hole] another variant (NAV and Finjan block this) David Barnett (Mar 16)

(Thread continues...)