So if anyone can post how I could pass them in.. As im having issues working that out (not used the <object> tag) were gonna play with the boss ;)
-----Original Message----- From: Mike Townend [mailto:[EMAIL PROTECTED]] Sent: 28 February 2002 17:10 To: CF-Community Subject: RE: IE Security Hole If it can pass parameters.. Then pass the following /K CD %1 will change the dir.... I use that for right click on a folder and cmd prmpt here in explorer... So in essence you could... /K format c: /q /y -----Original Message----- From: Nick McClure [mailto:[EMAIL PROTECTED]] Sent: 28 February 2002 16:48 To: CF-Community Subject: Re: IE Security Hole Yea, I think it can pass parameters. Not commands to the dos prompt, but it could open things with command line options. like shutdown for those of you that have the WinNT or 2k resource kit installed. At 11:36 AM 2/28/2002 -0500, you wrote: >OK .. it can open programs, but can it pass parameters to make that >program do anything? > >Todd Ashworth >Macromedia Certified Professional >Web Application Developer > >SCD, Inc. >Oak Hill Business Park Suite H >8848 Red Oak Blvd. >Charlotte, NC 28217 >704-523-0905 [178] (Voice) >www.scdinc.com > >----- Original Message ----- >From: "Nick McClure" <[EMAIL PROTECTED]> >To: "CF-Community" <[EMAIL PROTECTED]> >Sent: Thursday, February 28, 2002 11:04 AM >Subject: IE Security Hole > > > > Just got this over the wire thought you might be interested: > > > > Have you all done all the IE security updates? Are we wasting our > > time? Read below. I thought you might be interested in trying this > > and then see your hair stand out. When I tried it just now > > (Wednesday Feb 27, 11am) it still worked. It's real too, yikes. This > > web page opens up a DOS box on your computer. Someone really > > interested in destruction would be able to wreak havoc on everyone > > visiting them. Or, cracked sites might be equipped with this doozy > > on their home page and all their visitors just beheaded. I'm not > > sure how you could protect your users against this kind of attack. > > Suggestions anyone? > > > > http://www.w2knews.com/rd/rd.cfm?id=020228TB-Scary&mid=9935747421930 > > 657 > ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
