Re: IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE)

Additionally, you cannot pass a parameter to the executable launched.

----- Original Message -----
From: "Stefan Osterlitz" <stefan@osterlitz.de>
To: "GreyMagic Software" <security@greymagic.com>
Cc: "BUGTRAQ@SECURITYFOCUS. COM" <BUGTRAQ@securityfocus.com>
Sent: Friday, March 01, 2002 7:01 PM
Subject: Re: IE execution of arbitrary commands without Active Scripting or
ActiveX (GM#001-IE)


> > Solution:
> > =========
>
> > There is no configuration-tweaking workaround for this bug, it will work as
> > long as the browser parses HTML. The only possible solution must come in the
> > form of a patch from Microsoft.
>
> IMHO this is wrong. You can disable the download of signed / unsigned
> ActiveX controls.
> My IE version 5.00.2614.3500 w/patches is not vulnerable with that setting.
>
>
>
> > Tested on:
> > ==========
>
> > IE5.5sp2 Win98, all patches, Active scripting and ActiveX disabled.
> > IE5.5sp2 NT4 sp6a, all patches, Active scripting and ActiveX disabled.
> > IE6sp1 Win2000 sp2, all patches, Active scripting and ActiveX disabled.
> > IE6sp1 WinXP, all patches, Active scripting and ActiveX disabled.
>
>
>
>
