While surfing with the mac Version of IE 5.2 we reached a IIS driven
webserver.
One downloadlink ending with ".asp" saved the link as a lokal ".asp" file and
started the local program "AppleSystemProfiler" which seemed trying to
read the data.
I think it might be possible to force this behavior by targeting the mac users community to one download link ending with .asp and modifying the file in such a way the SystemProfiler might run any heap/stack/buffer overflow.
Anyone tried it already? -- Kai Kretschmann www.security-gui.de
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
