Доступ к файлам через htmlfile_FullWindowEmbed ActiveX в Internet Explorer(code execution)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Доступ к файлам через htmlfile_FullWindowEmbed ActiveX в Internet Explorer(code execution)
updated since 22.11.2001
Published:
27.11.2001
Source:
BUGTRAQ
SecurityVulns ID:
1580
Type:
client
Level:
7
/10
Описание:
Можно вставить файл в качестве ActiveX компонента htmlfile_FullWindowEmbed ({25336921-03F9-11CF-8FD0-00AA00686F13})
Affected:
MICROSOFT
:
Internet Explorer 5.01
MICROSOFT
:
Internet Explorer 5.5
MICROSOFT
:
Internet Explorer 6.0
Original document
Markus Kern
,
Internet Explorer allows reading of local files by remote webpages
(
27.11.2001
)
hush.little.baby_(at)_hushmail.com
,
[ALERT] Remote File Execution By Web or Mail: Internet Explorer
(
22.11.2001
)
Files:
HTML file that reads c:\test.txt
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
