- From: Miles Sabin <miles@milessabin.com>
- Date: Mon, 23 Jun 2003 22:31:10 +0100
- To: WWW-Tag <www-tag@w3.org>
Tim Bray wrote,
> Whereas this is easy to believe, we'd like to see a specific scenario
> or two showing how nefarious action or erroneous practice could lead
> to a security breach.

I think this (now rather ancient) MS IE vulnerability is the kind of thing you're looking for,

http://www.inside-security.de/msie_mime_demo.html

The demo is a VB-script document delivered with content-type of audio/x-wav but sniffed out and executed by IE regardless of restrictions on script execution. The links to the Microsoft Security Bulletin and Bugtraq and CVE listings have more details.

IIRC several rather unpleasant worms were based on this flaw.

Cheers,

Miles
Received on Monday, 23 June 2003 17:31:25 UTC
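The mismatch described in the message above (a body labelled audio/x-wav that is not WAV data) can be checked on the serving or proxy side. The following is an added example, not part of the original message or of any vendor's code; the function names, result labels and sample bodies are constructed for illustration.

```python
import re

# A WAV file is a RIFF container: "RIFF", 4-byte little-endian size, "WAVE".
def looks_like_wav(body: bytes) -> bool:
    return len(body) >= 12 and body[:4] == b"RIFF" and body[8:12] == b"WAVE"

# Text markers that a content-sniffing client might treat as active content.
# Assumption: a small illustrative list, not an exhaustive signature set.
SCRIPT_HINTS = re.compile(rb"<\s*script|<\s*html|vbscript|createobject", re.I)

WAV_TYPES = ("audio/x-wav", "audio/wav", "audio/wave")

def check_response(declared_type: str, body: bytes) -> str:
    """Compare a declared Content-Type with the body it labels.

    Returns 'not-checked' (type is not WAV), 'ok' (body is RIFF/WAVE),
    'mismatch-script' (script-like text under a WAV label), or 'mismatch'.
    """
    # Drop parameters such as "; charset=..." and normalise case.
    media_type = declared_type.split(";", 1)[0].strip().lower()
    if media_type not in WAV_TYPES:
        return "not-checked"
    if looks_like_wav(body):
        return "ok"
    # Only the leading bytes matter to a sniffer, so limit the search.
    if SCRIPT_HINTS.search(body[:4096]):
        return "mismatch-script"
    return "mismatch"

# Constructed sample bodies (not taken from the linked demo).
WAV_SAMPLE = b"RIFF" + (36).to_bytes(4, "little") + b"WAVEfmt "
SCRIPT_SAMPLE = b'<script language="VBScript">MsgBox "hello"</script>'

if __name__ == "__main__":
    for ctype, body in [
        ("audio/x-wav", WAV_SAMPLE),
        ("audio/x-wav", SCRIPT_SAMPLE),
        ("audio/x-wav", b"plain text"),
        ("text/html", SCRIPT_SAMPLE),
    ]:
        print(ctype, "->", check_response(ctype, body))
```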