Georgi Guninski wrote: > Georgi Guninski security advisory #50, 2001 > > Javascript in IE may spoof the whole screen > > Systems affected: > IE 5.5/6.0 on Windows, probably earlier versions [...] > > Demonstration: > > Image moving over download/open dialog: > http://www.guninski.com/opf2.html > BSOD emulation: > http://www.guninski.com/bsod1.html Neither of these demonstrations function correctly in IE 5.0; they produce script error message boxes, reporting that the 'object does not support the requested method'. I don't know whether that means IE 5.0 isn't vulnerable or not...
