[37819] in bugtraq
Re: Internet Explorer Code Execution Bypass Vulnerability
daemon@ATHENA.MIT.EDU (cmthemc@yahoo.com)
Mon Dec 20 12:34:52 2004
Date: 19 Dec 2004 20:47:06 -0000
Message-ID: <20041219204706.18299.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: <cmthemc@yahoo.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20041217170337.26668.qmail@www.securityfocus.com>
Hello,
I'm a little bit confused as to why you would classify this as a "vulnerability" -- or even relate it to internet explorer at all... I think you have confused the simple html parsing of Active Desktop with microsoft internet explorer... however, what you have listed as an "avoid/overrun/bypass" to the "new protection(?)" on "IE (winxp sp2)", is neither an avoid, overrun, or bypass. When the html with js code is executed from within ie, sp2 still performs its magic. I'm afraid this was a weak attempt to get your name on the board.
-cmthemc
>
>Last week I discovered a vulnerability to avoid/overrun/bypass the new protection for Local JS Execution on IE (winxp sp2)
>
>--cut here--
>
><script>
>window.alert("Example Exploit");
></script>
>
>--cut here--
>
>(Copy and paste into your Notepad and save it as EXAMPLE.HTM)
>
>If you open EXAMPLE.HTM, your IE blocks this code and shows a yellow bar over the webpag.
>
>But I discovered a vulnerability to allow Local JS Code to execute on IE, the exploit is:
>
>"Go to Control Panel / Display Config and set as the desktop background the example webpage (EXAMPLE.HTM), once this is done, the code will be executed without showing any warning in IE"
>
>----------------------
>
>My Webpag: www.madantrax.cjb.net
>My ClanWeb: www.darknessteam.com
>ForumClan: foro.darknessteam.com
>
