hi, agreed, but still its possible to conduct remote attacks on unpatched IE i suppose. Also, if a new flaw pops up using which we are able to access "res:" protocol from the internet-zone, well, this is one way of injecting code into the mycomputer-zone.
well, all i wanted to point out was that there was no filtering on part of software, to disallow any such attacks. rgds, Viper --- "Rafel Ivgi, The-Insider" <[EMAIL PROTECTED]> wrote: > This is not dangerous from remote, because the > "res:" protocol is not > accessible by internet zone. You must to find a way > to access "res:" from > remote, otherwise it means nothing. As for local > zone, you can ran scripts > in mycomputer zone. > > > Rafel Ivgi, The-Insider > Security Consultant, Finjan.com > ________________________________________________________________________ Yahoo! India Matrimony: Find your life partner online Go to: http://yahoo.shaadi.com/india-matrimony _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
