Reply With QuoteThat's where I found the link. The same exploit exists on many pages, but yours was the first URL I could think of, rick.there's a thank you in member to member for the link to LJR.
Correction, Linux Community.cloverm found it very quickly, there's a thank you in member to member for the link to LJR.
I found a hit in the server's log from the site to LJR.
That's where I found the link. The same exploit exists on many pages, but yours was the first URL I could think of, rick.there's a thank you in member to member for the link to LJR.
If anybody cares, the details of the vulnerability can be found here, which is not clouded by ZDNet sensationalism.
Heck, it works on IE 6 (which, admittedly, is just 5.5 with some 'enhancements'), so I don't think that they are in any rush to fix the problem to which the link refers. Got to love Microstink.There is an exploit for IE5.5 that allows any HTML file to run any arbitrary code even when scripting is disabled and security settings are maxed out in the browser. It has been weeks, if not months, and MS hasn't even acknowledged that the exploit exists.
Posting Permissions
Bookmarks