mailing list archives
RE: IE execution of arbitrary commands without Active Scripting
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 05 Mar 2002 15:35:23 +1200
Thomas Thornbury <thornt () optonline net> wrote:
This has got to be one of the scarier exploits in recent memory.
Nah -- _far_ from it.
Several people with a good record of finding truly bad holes in IE
and related s/w have been banging away at this for some time now.
First, to date no-one has found a way to use it for executing
arbitrary code and there have been several other holes recently that
do allow arbitrary code execution. Second, no-one has even found a
way to poke parameters to the programs that can be launched this
way, which have to have a fully specified, local to the target
program filename or pre-existing CLSID definition in the target
I'd rate it "mildly interesting"...
This does not mean MS should delay fixing it until some clever soul
does work out how to achieve either or both the above, but it
certainly makes it orders of magnitude less interesting and less
worrying than some of the recent "auto-detach and run" Email
attachments or MIME "inclusions" in web pages bugs.
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854