[25683] in bugtraq
RE: Microsoft Internet Explorer 'Folder View for FTP sites' Scrip
daemon@ATHENA.MIT.EDU (Thor Larholm)
Thu Jun 6 19:05:46 2002
Message-ID: <52D05AEFB0D95C4BAD179A054A54CDEB1BD4F0@mailsrv1.jubii.dk>
From: Thor Larholm <Thor@jubii.dk>
To: "'Eiji James Yoshida '" <ptrs-ejy@bp.iij4u.or.jp>,
"'bugtraq@securityfocus.com '" <bugtraq@securityfocus.com>
Cc: "'secure@microsoft.com'" <secure@microsoft.com>
Date: Thu, 6 Jun 2002 23:55:53 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-2022-jp"
I was a bit confused as to whether this had to be triggered _from_ the My
Computer zone, but tests quickly proofed that this is definitely remotely
exploitable.
To clear things up, this is yet another XSS vulnerability that allows
arbitrary HTML to be inserted in the My Computer zone. This makes it quite
easy to e.g. execute arbitrary commands, undoubtedly a more fun
demonstration:
http://jscript.dk/Jumper/xploit/ftpfolderview.html
Status: 18 unpatched vulnerabilities.
http://jscript.dk/Unpatched/
Regards
Thor Larholm
Jubii A/S - Internet Programmer
