Note: This vulnerability as well as several more can be found at http://www.geryhats.cjb.net
Media Preview Script Execution Vulnerability
[Tested] MSDXM.DLL file version 6.4.09.1128 Microsoft Windows 2000
The example is a vulnerable asx file which, when clicked in explorer, will display a messagebox wiith the location of the directory.
Note: The asx file must be opened in the media player control. It will not work if opened in windows media player itself.