l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
May 20: Smart Static Sites with Hakyll 		Next Installfest:
Saturday, January 26th 		Latest News:
Mar. 22: Slides from "Making Predictions Using Linux and R" talk 		Page last updated:
2002 Nov 14 22:27

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

 Report this post as spam:

(Enter your email address)
Re: [vox] IE JavaScript security hole
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] IE JavaScript security hole

On Thu, 14 Nov 2002, Ryan Castellucci wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 14 November 2002 05:38 pm, Bill Kendrick wrote:
> > On Thu, Nov 14, 2002 at 05:36:39PM -0800, Ryan Castellucci wrote:
> > > Didn't work on VMware + Win2k + IE 5 or my buddies box with IE 6......
> >
> > I assume JavaScript was enabled and a floppy disk was in the A: drive?
> 
> Yeah, and A: was bridged to my real floppy drive in VMware

Sort of worked for me on my work Win2k system. Win2k version of FORMAT
doesn't support the "/autotest" option, which allows silent format.  
However, it makes it to the point of getting an error back from the
FORMAT, so the method is sound.

I normally run it with scripts and activex allowed only by prompt... and
deny unless the website fails to function and appears legit.  Not perfect,
and a PITA saying no all the time, but enough to prevent this junk from
getting through unless a big site gets hacked.

Win2k 5.00.2195
IE 5.50.4807.2300;SP2;Q316059;Q319182;Q321232;Q323759;Q328389

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
LinkedIn
LUGOD Group on LinkedIn 		Sign up for LUGOD event announcements
Your email address: 		facebook
LUGOD Group on Facebook

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

 Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!