Bugtraq mailing list archives
Re: Minor IE vulnerability: about: URLs
From: "Clover Andrew" <aclover () 1value com>
Date: Wed, 24 Oct 2001 15:15:55 +0200
Julian Hall <jules () acris co uk> wrote:
Another approach would be to write your own version of the about: protocol module, and point the server to your implementation DLL.
Aye, that would work. But after wandering aimlessly in the registry I've stumbled upon a quicker workaround. Go to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults and add a DWORD, name 'about', value '4'. This puts about: URLs in the Restricted Sites Zone. Hurrah! -- Andrew Clover Technical Consultant 1VALUE.com AG
Current thread:
- Minor IE vulnerability: about: URLs Clover Andrew (Oct 19)
- Re: Minor IE vulnerability: about: URLs Nick FitzGerald (Oct 19)
- Re: Minor IE vulnerability: about: URLs Julian Hall (Oct 23)
- Re: Minor IE vulnerability: about: URLs Pedro Miller Rabinovitch (Oct 19)
- Re: Minor IE vulnerability: about: URLs Simon Kornblith (Oct 20)
- <Possible follow-ups>
- Re: Minor IE vulnerability: about: URLs Clover Andrew (Oct 24)
- Re: Minor IE vulnerability: about: URLs Nick FitzGerald (Oct 19)