New bug hits IE?

Discussions of applications and operating systems and any problems, tips or suggestions. Win XP, 9x/2k, Linux, NT, photo editing, Virus/Spyware help
Post Reply
User avatar
Rayzor
Senior Member
Posts: 274
Joined: Wed Nov 22, 2000 8:13 am
Location: Bronx, New York (Home of the Pedro's Daddy! The NY Yankees)
Contact:
Contact Rayzor

New bug hits IE?

Post by Rayzor »

WE'RE NOT QUITE certain what's going on here, but there appears to be a fresh hole in Internet Explorer that lists all the files on your hard drive, perhaps to all and sundry

Warning: Be very careful

Let's be careful out there :S
<a href = "http://www.heatware.com/eval.php4?id=77">Heatware</a>

<img src="http://www.webdeveloper.com/animations/bnifiles/chainsaw.gif"><A HREF="mailto:r.cal@verizon.net">Email</A>

My"New" Rig
01010010 01100001 01111001 01011010 01101111 01110010
Top
User avatar
vwkess
Posts: 791
Joined: Wed Nov 22, 2000 11:57 am
Location: NWA

Post by vwkess »

I guess it could be considered a security hole. But its not new, I've seen this back in like '97. I guess that was in IE 3.0 back then. Thats probably a "feature" in IE we could do without ;)
Top
User avatar
FlyingPenguin
Flightless Bird
Posts: 33161
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida
Contact:
Contact FlyingPenguin

Post by FlyingPenguin »

I don't think this can be exploited as a hack - it only shows YOUR drive when you execute that code.

It only works because IE and Windows Explorer are really one and the same beast. You can browse any local drive from IE - just type C:\ in the URL window.
---
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez

Image
Top
Post Reply

Return to “OS / Software Forum”