[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Law11-OE14FTA7OIkUq0004ee07@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: (no subject)
it a known exploit.
----- Original Message -----
From: Muhstik Botha
To: full-disclosure@...ts.netsys.com
Sent: Sunday, June 22, 2003 7:42 PM
Subject: [Full-Disclosure] (no subject)
Hi,
I just accessed a page which ejects my CD-ROM tray. Is this consider privacy or security breaching? I'm no expert on pertinent subject. For me, i don't like ppl be able to fool around with my CDROM tray when i open their website. Any comments? Thanks.
I checked the site and it contains :
<SCRIPT language=VBScript>
<!--
Set oWMP = CreateObject("WMPlayer.OCX.7" )
Set colCDROMs = oWMP.cdromCollection
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next ' cdrom
End If
-->
</SCRIPT>
Take care,
muhstik
------------------------------------------------------------------------------
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030622/cba62479/attachment.html
Powered by blists - more mailing lists