babysimon: (kde)
[personal profile] babysimon
Exploit allows malicious site to execute arbitrary code by showing user 404 and assuming they click "Back".

Sample exploit (executes minesweeper) :

http://www.babysimon.co.uk/iebug.html

As always, Mozilla is available from http://www.mozilla.org/

(no subject)

Date: 2002-04-17 02:33 am (UTC)
From: [identity profile] ciphergoth.livejournal.com
eek!

Where did you hear about this one from?

If you're a Windows user, here's the direct link to the current latest Mozilla download; it's about 9 Mb.

http://download.mozilla.org/pub/mozilla/releases/mozilla0.9.9/mozilla-win32-0.9.9-installer.exe

(no subject)

Date: 2002-04-17 02:34 am (UTC)
From: [identity profile] sashajwolf.livejournal.com
Huh?

I may just not be understanding, but only the third link behaves as I'd expect from your post.

The first two give me a 404, but don't run minesweeper when I click back - I just get a blank window with gibberish in the Address box.

The fourth one shows me a Google search screen, and then when I click back, I get a dialog box with complete gibberish.

I'm confused.

(no subject)

Date: 2002-04-17 02:38 am (UTC)
djm4: (Hair)
From: [personal profile] djm4
Indeed. Here's a link to more information from McAfee, with a link to a patch from Microsoft.

(no subject)

Date: 2002-04-17 03:18 am (UTC)
From: [identity profile] elfgeek.livejournal.com
I've stopped using IE ages ago. The only problem with Mozilla is it doesn't work with the Cisco curriculum site (I can't seem to install Macromedia Flash on Mozilla and Shockwave doesn't work) and for that one and only reason I still have a copy of IE tucked away.

(no subject)

Date: 2002-04-17 06:28 am (UTC)
lovingboth: (Default)
From: [personal profile] lovingboth
Well, your sample doesn't seem to work with IE 5.00.something.something.

That's useful - despite being the version shipped with Win98SE, MS seem to have discontinued support for it, and I don't want to 'upgrade' to 5.5 or 6.0

April 2017

S M T W T F S
      1
2345678
910 1112131415
16171819202122
23242526272829
30      

Style Credit

Expand Cut Tags

No cut tags
Page generated Apr. 20th, 2026 11:10 am
Powered by Dreamwidth Studios