mailing list archives
Internet Explorer Code Execution Bypass Vulnerability
From: aikon none <aikon.bcn () gmail com>
Date: 17 Dec 2004 17:03:37 -0000
Last week I discovered a vulnerability to avoid/overrun/bypass the new protection for Local JS Execution on IE (winxp
(Copy and paste into your Notepad and save it as EXAMPLE.HTM)
If you open EXAMPLE.HTM, your IE blocks this code and shows a yellow bar over the webpag.
But I discovered a vulnerability to allow Local JS Code to execute on IE, the exploit is:
"Go to Control Panel / Display Config and set as the desktop background the example webpage (EXAMPLE.HTM), once this is
done, the code will be executed without showing any warning in IE"
My Webpag: www.madantrax.cjb.net
My ClanWeb: www.darknessteam.com
- Internet Explorer Code Execution Bypass Vulnerability aikon none (Dec 18)