lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040714023338.439.qmail@web21504.mail.yahoo.com> From: l33tprincess at yahoo.com (L33tPrincess) Subject: Re: IE Shell URI Download and Execute, POC Ferruh, Is this a new variant (wscript.shell)? Is the vulnerability mitigated by today's Microsoft patch? Hello; Code is based on http://www.securityfocus.com/archive/1/367878 (POC by Jelmer) message. I just added a new feature "download" and then execute application. Also I use Wscript.Shell in Javascript instead of Shell.Application. --------------------------------- Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040713/ca603d4c/attachment.html