List, On 09/02/2011 06:45 PM, root wrote: > You don't get the worst part: unsuccessful exploitation also leads to > code execution. > Scary stuff. > > On 09/02/2011 05:05 PM, Mario Vilas wrote: >> Are you guys seriously reporting that double clicking on a malicious .vbs >> file could lead to remote code execution? :P >> >> Either I'm missing something (and I'd welcome a rebuttal here!) or you might >> as well add .exe to that list. All those extensions are already executable.
I think that they're talking about that executing a trusted vbs could lead to the execution of malicious code. :S regards, -- Nahuel Grisolia - C|EH Information Security Consultant Bonsai Information Security Project Leader http://www.bonsai-sec.com/ (+54-11) 4777-3107 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/