Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
IE: double slash moves cache from INTERNET zone to MYCOMPUTER zone
Nov 05 2003 10:31AM
Liu Die Yu (liudieyuinchina yahoo com cn)
(1 replies)
double slash moves cache from INTERNET zone to MYCOMPUTER zone
("that's all" is the end of file if you are in a hurry)
[tested]
OS:WinXp
Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30
[technical detail]
copy an EXE file to your cache directory:
[SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
then try to use CODEBASE trick to execute that file (refer to http://continue.to/trie --> "codebase local path"), you'll get an error message.
however set CODEBASE to:
[SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
(double slash after [SysDrive])
EXE.EXE in cache directory will be executed.
conclusion:
[SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5is treated in INTERNET zone.
but
[SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5is treated in MYCOMPUTER zone.
that's all.
of course, it's added to "Unpatched IE Bugs" list maintained by me. here: http://continue.to/trie
[greeting]
greetings to:
the Pull, dror, guninski and mkill.
-----
all mentioned resources can always be found at UMBRELLA.MX.TC
[contact]
UMBRELLA.MX.TC ==> How to contact "Liu Die Yu"
[ reply ]
Re: IE: double slash moves cache from INTERNET zone to MYCOMPUTER zone
Nov 10 2003 03:35PM
3APA3A (3APA3A SECURITY NNOV RU)
Privacy Statement
Copyright 2009, SecurityFocus
double slash moves cache from INTERNET zone to MYCOMPUTER zone
("that's all" is the end of file if you are in a hurry)
[tested]
OS:WinXp
Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30
[technical detail]
copy an EXE file to your cache directory:
[SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
then try to use CODEBASE trick to execute that file (refer to http://continue.to/trie --> "codebase local path"), you'll get an error message.
however set CODEBASE to:
[SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
(double slash after [SysDrive])
EXE.EXE in cache directory will be executed.
conclusion:
[SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5is treated in INTERNET zone.
but
[SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5is treated in MYCOMPUTER zone.
that's all.
of course, it's added to "Unpatched IE Bugs" list maintained by me. here: http://continue.to/trie
[greeting]
greetings to:
the Pull, dror, guninski and mkill.
-----
all mentioned resources can always be found at UMBRELLA.MX.TC
[contact]
UMBRELLA.MX.TC ==> How to contact "Liu Die Yu"
[ reply ]