Vulnerability Development mailing list archives
Re: Rather large MSIE-hole
From: jon schatz <jon () divisionbyzero com>
Date: 14 Mar 2002 14:50:00 -0800
On Thu, 2002-03-14 at 13:56, KF wrote:
Sorry if someone else has said this... but has anyone tryed using + as a space like you had to when using cmd.exe via unicode exploit?
i tried that a week ago like so:
var programName=new Array(
'c:/winnt/system32/cmd.exe+/c+c:/winnt/system32/calc.exe'
);
no dice on Win2k+sp2+ie6
-jon
--
jon () divisionbyzero com || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus?: www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing."
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Disabling the MSIE hole., (continued)
- Disabling the MSIE hole. Suresh P (Mar 12)
- Re: Disabling the MSIE hole. Bob at firstcodings (Mar 13)
- RE: Disabling the MSIE hole. leon (Mar 13)
- Re: Disabling the MSIE hole. Magnus Bodin (Mar 13)
- Re: Rather large MSIE-hole Magnus Bodin (Mar 12)
- Re: Rather large MSIE-hole NyQuist (Mar 13)
- Re: Rather large MSIE-hole NoCoNFLiC (Mar 13)
- Re: Rather large MSIE-hole methodic (Mar 14)
- Re: Rather large MSIE-hole Felipe Franciosi (Mar 14)
- Re: Rather large MSIE-hole KF (Mar 14)
- Re: Rather large MSIE-hole jon schatz (Mar 14)
- Re: Rather large MSIE-hole NoCoNFLiC (Mar 15)
- Re: Rather large MSIE-hole NyQuist (Mar 13)
- Disabling the MSIE hole. Suresh P (Mar 12)
- Re: [Re: Rather large MSIE-hole] another variant (NAV and Finjan block this) David Barnett (Mar 16)
- Re: Rather large MSIE-hole Raul Dias (Mar 13)
- Re: Rather large MSIE-hole Syzop (Mar 14)
- RE: Rather large MSIE-hole Ryan Sweat (Mar 14)