Hmm, it has no effect on WinXP SP2 RC2 (German) // Internet Explorer 6 SP2! - The new security central icon appears and opens a new line under the address field. It shows a message indicating that IE does not display active contents that could access the computer. You can allow blocked contend (after a second warning that the script could harm the computer) but this has no effect to IE at all.
This problem and many other security bugs and null-pointer exceptions seemes to be resolved with the upcoming SP2. Regards Marco Ellmann > -----Urspr�ngliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Im Auftrag > von Berend-Jan Wever > Gesendet: Sonntag, 11. Juli 2004 09:29 > An: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Betreff: [Full-Disclosure] I small poem in JScript > > I just wrote a small poem in JScript: > > <SCRIPT language="javascript"> > > MSIE = window.open; // for hackers to come in > for (every_bug_found in MSIE) { /* there are zillions more > hiden */ } > > </SCRIPT> > > Ok, so it doen't rhyme... but it is another null-pointer > exception DoS in MSIE 6.0sp1 (fully patched) ;) > > Cheers, > SkyLined > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
