|
Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability
The following examples have been supplied: hcp://services/layout/contentonly?topic=... where ... is a correct URL http:// for page file:/// for run (remember use / (slash) in path e.g. c:/windows/system32/... The following additional example vectors have been supplied: hcp://services/layout/fullwindow?topic= hcp://services/centers/support?topic= Additional proof-of-concepts were provided in the "IE ms-its: and mk:@MSITStore: vulnerability" BugTraq post by Roozbeh Afrasiabi. |
|
 Privacy Statement |
