RE: MSIE:"SaveRef" turns Zone off

From: Thor Larholm (thorat_private)
Date: Wed Oct 02 2002 - 05:06:58 PDT

Next message: mattmurphyat_private: "Apache 2 Cross-Site Scripting"

Previous message: mattmurphyat_private: "[VulnWatch] Apache 2 Cross-Site Scripting"
Maybe in reply to: Liu Die Yu: "MSIE:"SaveRef" turns Zone off"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This also works in IE5.5 as well.

Besides reading cookies from arbitrary sites, this vulnerability also allows
local file reading and execution - when combined with the OBJECT
crossprotocol redirection vulnerability.

http://jscript.dk/2002/10/sec/SaveRefLocalFile.html




Regards
Thor Larholm, Security Researcher
PivX Solutions, LLC

Are You Secure?
http://www.PivX.com

Next message: mattmurphyat_private: "Apache 2 Cross-Site Scripting"
Previous message: mattmurphyat_private: "[VulnWatch] Apache 2 Cross-Site Scripting"
Maybe in reply to: Liu Die Yu: "MSIE:"SaveRef" turns Zone off"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 02 2002 - 08:12:37 PDT