mailing list archives
RE: MSIE:"SaveRef" turns Zone off
From: "Thor Larholm" <thor () pivx com>
Date: Wed, 2 Oct 2002 14:06:58 +0200
This also works in IE5.5 as well.
Besides reading cookies from arbitrary sites, this vulnerability also allows
local file reading and execution - when combined with the OBJECT
crossprotocol redirection vulnerability.
Thor Larholm, Security Researcher
PivX Solutions, LLC
Are You Secure?