Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure

source: https://www.securityfocus.com/bid/1718/info It is possible for an outside attacker to view known files on a remote system if the target user visits a website or opens an email containing a specially formed script containing the JScript function 'GetObject' and the ActiveX object 'htmlfile...