>seems that even with the new Microsoft patch applied, the
>vulnerability works.
There is no reason for it not to work. MS03-040 doesn't claim to offer a
patch for ADODB.Stream or "file:javascript" vulnerabilities. It offers a
patch to the variation of the application/hta content-type header in obj...
>vulnerability works.
There is no reason for it not to work. MS03-040 doesn't claim to offer a
patch for ADODB.Stream or "file:javascript" vulnerabilities. It offers a
patch to the variation of the application/hta content-type header in obj...
[ more ]