Hello all,

Quite a few browser vulnerabilities (BugTraq ID 5473 - Web Folders HTML injection - being the latest) allow a web site to execute HTML code in "Local Computer" security zone. At least those bugs allow a web site to read local files.

My question is: is there anything else you can do with this type of bug? Like running arbitrary commands?

Usually you have a piece of text of limited size that you can inject. This rules out Java applets as far as I understand. Wscript.Shell ActiveX control also seems to be a problem because IE shows a dialog box saying something about unsafe ActiveX controls.

So is there anything else interesting one can do with cross-domain scripting?

Alla.
This archive was generated by hypermail 2b30 : Thu Aug 22 2002 - 07:30:36 PDT