Partial access to local files via CSS in Internet Explorer

Via .oFile.cssText property of Link object it's possible to get partial content of any file with structure close to CSS...

Несанкционированный доступ через GetObject() в Microsoft Internet Explorer (unauthorized access)

Через функцию GetOBject можно получить доступ к локальным файлам...

Race condition in periodic

Overview A race condition in the 'periodic' script allows local files to be overwritten. We believe that 'periodic' is typically used only with FreeBSD systems, though it may be installed on other systems. Description 'periodic' is a script used in conjunction with cron to execute jobs at specifi...

David Harris Pegasus Mail 3.12 - File Forwarding

source: https://www.securityfocus.com/bid/1738/info It is possible for a malicious website operator to obtain copies of known files on a remote system if a website visitor is running Pegasus Mail client. If the following code were to be inserted into a HTML document and a user were to load that...

Дырка в реализации JAVA в Netscape (BOHTTPD)

Ошибки в реализации виртуальной машины позволяют удаленный доступ к локальной машине и доступ к локальным файлам...

Netscape Communicator 4.x - URL Read

source: https://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and netscape.net.URLInputSteam classes. This allows malicio...

FreeBSD-SA-00:16.golddig

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered...

Дырка в Jana

В http-сервере разрешен обратный путь в директориях, таким образом можно получить доступ к любому локальному файлу...

msie4.x-readfile.txt

Guninski's IE 4 file reading bug. http://www.geocities.com/ResearchTriangle/1711/read3.html There is a bug in Internet Explorer 4.x patched which allows reading local files and sending them to an arbitrary server. The problem is: if you add '%01someURL' after the URL, IE thinks that the document ...

Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access

Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access source: https://www.securityfocus.com/bid/282/info A vulnerabilit...

Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access

source: https://www.securityfocus.com/bid/116/info Vulnerabilities in an ActiveX control distributed with Internet Explorer 5 and available for Internet Explorer 4 allow malicous web sites to steal local files and to bypass cross-frame security rules. The DHTML Edit Control Safe for Scripting...

Security Update, February 13, 2002 (MSXML 2.6)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 2.6 and Windows XP, and is discussed in Microsoft Security Bulletin MS02-008. Download now to help prevent a malicious user from reading the files on your computer when you vis...