CVE-2002-0052

Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files...

Security Bulletin MS02-009

---------------------------------------------------------------------- Title: Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files Date: 21 February 2002 Software: Internet Explorer Impact: Information Disclosure Max Risk: Critical Bulletin: MS02-009 Microsoft encourages...

Дырка в AOL Instant Messenger

При некоторых условиях на компьютере клиента может быть выполнен Javascript/VBScript...

Modifed images can lead to JavaScript/VBScript execution in AIM

Software Effected: AOL Instant Messenger Versions Effected: 4.1 to current including 4.4 alpha, older versions probably effected Details: AOL Instnat Messenger has the ability to embed images into an instant message. The user sends the graphic to the person they wish to show, and the graphic show...

Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function

Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...

Exploit Code for File Input field advisory.

I have coded an exploit example for the "File Upload via Form" vulnerability recently mentioned by Microsoft Security. Here's the source for it well, most of the source. If you would like the whole source, email me. I'll send it as an attachment. --------------snip------------------ !script...

Microsoft Windows NT 4.0 - DCOM Server

source: https://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registry keys associated with DCOM server...

Microsoft Windows NT 4.0 - DCOM Server

Microsoft Windows NT 4.0 - DCOM Server source: https://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registr...

cuartango-window.txt

Cuartango Window http://pages.whowhere.com/computers/cuartangojc/cuartangow1.html Affected software Microsoft Internet Explorer 4 Risks Your computer is at risk a malicious VBScript can get full control over your system. The VBScript can de everything : delete files, install viruses, read your...

Security Update for Windows Server 2003 for Itanium-based Systems (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Security Update for Windows Server 2003 x64 Edition (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Internet Explorer help

None None...

Security Update for Windows XP x64 Edition (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Security Update for Windows XP (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Security Update for Windows Server 2003 (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Security Update for Windows 2000 (KB944338)

A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...

Security Update, February 14, 2002 (Internet Explorer 5.01)

This is an updated version of Security Update, February 14, 2002. This update resolves the "Incorrect VBScript Handling can Allow Web Pages to Read Local Files" security vulnerability in Internet Explorer 5.01 and Windows 2000, and is discussed in Microsoft Security Bulletin MS02-009. Download no...