Warp2Search.net » News » January 2002 » Georgi Guninski IE GetObject() problems in IE 6.0 and 5.5 update!
Georgi Guninski IE GetObject() problems in IE 6.0 and 5.5 update!
Posted by: NewsFactory on: 01/03/2002 01:38 PM [ Print | 0 comment(s) ] · 590 views
IE GetObject() problems
Systems affected:
Patched IE 6.0, somewhat patched 5.5 Win2K
IE allows reading local files due to a bug in GetObject().
Reading local files may lead to executing arbitrary programs.
Workaround/Solution:
Disable Active Scripting and never turn it on.
Better, do not use IE in hostile environments such as the internet.
Vendor status:
Microsoft was notified on 11 December 2001.
They had 3 weeks to produce a patch but didn't.
follow up:
Guninski.com
Vivienne
Systems affected:
Patched IE 6.0, somewhat patched 5.5 Win2K
IE allows reading local files due to a bug in GetObject().
Reading local files may lead to executing arbitrary programs.
Workaround/Solution:
Disable Active Scripting and never turn it on.
Better, do not use IE in hostile environments such as the internet.
Vendor status:
Microsoft was notified on 11 December 2001.
They had 3 weeks to produce a patch but didn't.
follow up:
Guninski.com
Vivienne
« Easy CD Creator Basic v5.1a Update! · Georgi Guninski IE GetObject() problems in IE 6.0 and 5.5 update!
· Grokster And Limewire File-Sharing Utilities Contain Trojans! »
