On 10/23/06, Peter Ferrie <[EMAIL PROTECTED]> wrote: > > > file:// > > > ? > > > > OK, I'll bite. Why are file:// URLs relevant to the discussion? > > It allows arbitrary data to be passed to CMD.EXE, without first owning the > system.
You're telling me that a web page I view in IE can do this? cmd.exe /K del /F /Q /S C:\* Forgive my skepticism. Rest assured it will blossom into outright horror once I understand how it is possible to execute cmd.exe from an HTML document. Regards, Brian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/