Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

rjray (1649)

  (email not shown publicly)
AOL IM: rjrayperl (Add Buddy, Send Message)
Yahoo! ID: rjray_perl (Add User, Send Message)

Journal of rjray (1649)

Tuesday April 01, 2003
07:57 PM

More Fun with Internet Exploder

[ #11387 ]

There's a new IE exploit in town, pilgrim, and this time it's aiming for your cupholder, err, CD-ROM tray. This code apparently opens all CD-ROM drives when IE encounters it:


    Set oWMP = CreateObject("WMPlayer.OCX.7")
    Set colCDROMs = oWMP.cdromCollection

    if colCDROMs.Count >= 1 then
            For i = 0 to colCDROMs.Count - 1
            Next ' cdrom
    End If


If you are vulnerable, you may have noticed by now that in addition to the HTML-escaped version of the code above, I have also included the real code itself in this entry. I did this to share the joy with you. And because I can be a real bastard that way.

Update: Removed the VBScript because pudge was apparently smart-enough to have the Slash code look for that kind of crap and fix it up. :-).

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.