Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: IE Shell URI Download and Execute, POC
From: L33tPrincess <l33tprincess () yahoo com>
Date: Tue, 13 Jul 2004 19:33:38 -0700 (PDT)

Is this a new variant (wscript.shell)?  Is the vulnerability mitigated by today's Microsoft patch?

Code is based on http://www.securityfocus.com/archive/1/367878 (POC by
Jelmer) message. I just added a new feature "download" and then execute
application. Also I use Wscript.Shell in Javascript instead of

Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]