Potential Internet Explorer Security Risk

From: Kyle L. (binaryat_private)
Date: Wed Aug 15 2001 - 14:44:50 PDT


    Potential Security Risk with Internet Explorer
    This was tested on version: 5.00.2614.3500 with Windows 98 SE 4.10.2222A.
    
    I was playing with Favorites and added a favorite with the name of
    'www.dsakfjhasdfj.com' and set it to point to the address
    'c:\command.com'. Don't include the '' characters.
    
    I then typed in 'www.dsakfjhasdfj.com' in the address bar and it loaded up
    the MS-DOS command prompt window. You can write a JavaScript to add a
    Favorite or edit Startpage in internet explorer. A window usually pops up
    asking if you want to add it as a Favorite or Startpage, but if the
    security settings are low, it would automatically do it without asking.
    You could make the favorite point to files on the local system and have
    them executed. I have not gone into depth testing this, but if the user
    had deltree or other similar programs, serious damage could occur.
    
    If you have the JavaScript on a website auto add a favorite of say,
    'www.dsakfjhasdfj.com' and then make a link on the website that the user
    was required to click to enter into the main page, it would look up
    'www.dsakfjhasdfj.com' and find that it was not a valid website, and then
    run the address that was in the favorite named 'www.dsakfjhasdfj.com' (if
    the user was to enter the page). Also try redirecting the user
    automatically to the address.
    
    I haven't tried making the default page load up command.com, but it may
    work as well.
    
     -- Kyle L. [binaryat_private]
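
Added example, not part of the original post: a defender-side audit that flags Favorites whose target is a local file rather than a web address, the condition the message describes. It assumes Favorites are stored as `.url` files with an `[InternetShortcut]` section and a `URL=` key; the function names, the extension list and the sample entries are constructed for illustration.

```python
import configparser
import ntpath
import re
from urllib.parse import urlsplit

# Assumed list of directly runnable extensions; adjust for the environment.
EXECUTABLE_EXTS = {".com", ".exe", ".bat", ".pif", ".scr", ".cmd", ".lnk"}
WEB_SCHEMES = {"http", "https", "ftp"}
# A favorite *name* that reads like a host name, as in the post.
HOSTNAME_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)

def classify_target(target):
    """Return a reason string if the target is not a web address, else None."""
    target = target.strip()
    # Check for a drive letter or UNC prefix first: urlsplit would otherwise
    # read "c:\command.com" as a URL with scheme "c".
    drive, _ = ntpath.splitdrive(target)
    scheme = "" if drive else urlsplit(target).scheme.lower()
    if scheme in WEB_SCHEMES:
        return None
    if drive or scheme == "file":
        ext = ntpath.splitext(target)[1].lower()
        return "local executable" if ext in EXECUTABLE_EXTS else "local file"
    return "non-web target"

def audit_favorites(favorites):
    """favorites: iterable of (name, .url file text). Returns a list of findings."""
    findings = []
    for name, text in favorites:
        parser = configparser.RawConfigParser(strict=False)  # no % interpolation
        try:
            parser.read_string(text)
            target = parser.get("InternetShortcut", "URL")
        except configparser.Error:
            findings.append((name, None, "unparseable shortcut"))
            continue
        reason = classify_target(target)
        if reason:
            if HOSTNAME_RE.match(name):
                reason += ", name mimics a web address"
            findings.append((name, target, reason))
    return findings

# Constructed sample data; the first entry mirrors the favorite in the post.
SAMPLE = [
    ("www.dsakfjhasdfj.com", "[InternetShortcut]\nURL=c:\\command.com\n"),
    ("Example news", "[InternetShortcut]\nURL=http://www.example.com/\n"),
    ("Notes", "[InternetShortcut]\nURL=file:///c:/docs/notes.txt\n"),
]

if __name__ == "__main__":
    for finding in audit_favorites(SAMPLE):
        print(finding)
```

To audit a real profile, read each `.url` file under the Favorites folder and pass its file name (without the extension) and contents to `audit_favorites`.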
    


