gaurav at securebox.org
Thu Dec 22 08:15:41 GMT 2005
> Not Exactly !! I wud rather suggest you to do a little more research and
> draw any conclusion. Keep those _Security Zones_ in mind before you post
I did the research on Windows XP SP2
The script with ActiceX and XML was uploaded to
The screenshot at the following URL shows the note.xml placed at C:\
while the ethereal is showing POSTing the data to attacker's site.
Clearly geocities.com is in Internet zone.
Full-Disclosure is hosted and sponsored by Secunia.