BugTraq
MSIE:patched&undisclosed XSS vuln Jul 12 2003 08:40AM
Liu Die Yu (liudieyuinchina yahoo com cn)


MSIE:patched&undisclosed XSS vuln

("that's all" is end of file if you are in a hurry)

[tested]

OS:Windows XP Professional

Browser: MS Internet Explorer 6.0.2600.0000.xpclient.01087-1148

(without any patch)

(note: it doesn't work on the patched MSIE)

[demo]

at

http://www.safecenter.net/liudieyu/AutoScanJPU/AutoScanJPU-MyPage.htm

or

http://umbrella.mx.tc ==> "AutoScanJPU-MyPage" section

[exp]

window.external.AutoScan method can navigate other windows to somewhere, and it doesn't filter JavaScript-protocol URLs.

that's all.

[how]

http://www.safecenter.net/CrossZone/ie/UJPU.HTM

[gossiping]

does anyone here know other vulnz patched silently?

greetings to:

the Pull, dror, guninski and "Vadim Krochak" - and gean!

best wishes

die

------------------------

make notes easily!

- http://www.safecenter.net/liudieyu/domex

- http://domex.int.tc

-------------------

all mentioned resources can be found at http://umbrella.mx.tc
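
The kind of check the [exp] section says is missing, as an added example that is not part of the original post and is not Internet Explorer's code or Microsoft's patch: a navigation helper that parses the target the way a browser does and allowlists the scheme, shown beside a literal prefix blocklist that misses case and whitespace variants. All function names, the base URL and the sample inputs are constructed for illustration.

```javascript
// Added example: hypothetical helper names, not Internet Explorer code.

// Schemes a cross-window navigation helper is willing to load.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Weak form: a literal prefix blocklist on the raw string.
// Returns true when the filter would let the URL through.
function naivePrefixFilterAllows(input) {
  return !String(input).startsWith("javascript:");
}

// Hardened form: parse the way a browser does (WHATWG URL parser:
// trims leading control characters and spaces, drops tabs and newlines,
// lowercases the scheme), then allowlist the resulting scheme.
// Returns the normalized URL to navigate to, or null to refuse.
function safeNavigationTarget(input, baseUrl) {
  let parsed;
  try {
    parsed = new URL(String(input), baseUrl);
  } catch {
    return null; // not a URL at all: refuse rather than guess
  }
  return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : null;
}

// Constructed sample inputs (the base URL is a placeholder).
const BASE = "http://example.test/dir/page.htm";
const SAMPLES = [
  "http://example.test/next.htm",
  "next.htm",
  "javascript:alert(1)",
  "JaVaScRiPt:alert(1)",
  "  java\tscript:alert(1)",
  "vbscript:msgbox(1)",
];

// Evaluate every sample with both filters so the difference is visible.
function runSamples() {
  return SAMPLES.map((u) => ({
    input: u,
    naiveAllows: naivePrefixFilterAllows(u),
    target: safeNavigationTarget(u, BASE),
  }));
}

for (const row of runSamples()) console.log(JSON.stringify(row));
```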
