Page 1 of 1
Try this in IE
Posted: Wed Feb 11, 2009 8:12 pm
by Fender
http://www.heise.de/security/dienste/br ... ogo_en.jpg
edit: good, embedded images don't run the JavaScript
Re: Try this in IE
Posted: Wed Feb 11, 2009 8:39 pm
by axbaby
i am vulnerable right now .. be nice to me or i will start crying.
Re: Try this in IE
Posted: Wed Feb 11, 2009 8:40 pm
by 4days
ie
Re: Try this in IE
Posted: Wed Feb 11, 2009 8:57 pm
by bork[e]
ie just said omg I'm vulnerable, is that all that happens?
Re: Try this in IE
Posted: Wed Feb 11, 2009 10:52 pm
by Peenyuh
bork[e] wrote:ie just said omg I'm vulnerable, is that all that happens?
That, and yer entire porn collection just got downloaded to Fenders comp.
Re: Try this in IE
Posted: Thu Feb 12, 2009 1:45 am
by Fender
bork[e] wrote:ie just said omg I'm vulnerable, is that all that happens?
Here's a hint, it could execute arbitrary JavaScript, for starters. So I could probably insert some JS to read any cookies for the domain displaying the image and post them to a web server.
Re: Try this in IE
Posted: Thu Feb 12, 2009 3:39 am
by Scourge
I got a red x.
Re: Try this in IE
Posted: Thu Feb 12, 2009 8:41 am
by MKJ
so wait, you tried to hack all q3w members and then when it failed you tried to pass it off as "good security"?
earmarked