62 matches found
Microsoft Internet Explorer 6 - URI Handler Restriction Circumvention
source: https://www.securityfocus.com/bid/5730/info Microsoft Windows Internet Explorer 6.0 SP1 introduced restrictions for certain URI handlers such as file:// and res://. It has been demonstrated in the past that these URI handlers could be abused and incorporated into different types of attack...
Standard HTML form implementation allows access to IMAP, SMTP, NNTP, POP3, and other services via crafted HTML page
Overview An intruder can send certain kinds of data to services that he is not ordinarily able to reach. By crafting the data such that it is redirected through any program the victim uses to render the malicious HTML, the intruder is able send that data to any services that the victim can send...