Via Thor Larholm's Blog -
There is an input validation flaw in Internet Explorer that allows you to specify arbitrary arguments to the process responsible for handling URL protocols. This is the same type of input validation vulnerability that I discovered in the Safari 3 beta (see “Safari for Windows, 0day exploit in 2 hours“).
...
And there you have it, a cross browser command injection vulnerability for Internet Explorer. I am currently having some fun with the Windows Help Center and Office Groove 2007, both of which exhibit some clear potentials for malicious manipulation, but that will have to wait for a later article.
No comments:
Post a Comment