Topic of Interest: Internet Explorer Vulnerability test - Printable Version +- South Africa Info Forums (https://globalbuzz-sa.com/forums) +-- Forum: Your Resources (https://globalbuzz-sa.com/forums/Forum-Your-Resources) +--- Forum: Your Computers, Gadgets and Software (https://globalbuzz-sa.com/forums/Forum-Your-Computers-Gadgets-and-Software) +--- Thread: Topic of Interest: Internet Explorer Vulnerability test (/Thread-Topic-of-Interest-Internet-Explorer-Vulnerability-test)

Topic of Interest: Internet Explorer Vulnerability test - ForumAdmin - 11-01-2005 Internet Explorer Command Execution Vulnerability Test Introduction Some vulnerabilities have been discovered in Internet Explorer, which allows a malicious web site to execute arbitrary commands or install code on your computer without any user interaction. A demonstration of the vulnerability is available for users running Internet Explorer 6 with Windows XP SP2 installed. Test Case / Demonstration Click the link below in order to test whether or not your system is vulnerable. This test is designed to work on Internet Explorer 6 with Windows XP SP2 installed. Test Your System Test Now - Left Click On This Link Please note: If you wish to run the test multiple times, then please refresh this page before each test. The test requires that you have Windows installed in "c:/windows/". What Happens When You Run The Test When clicking the link above the exploit will be invoked. The exploit will launch "cmd.exe" (Command Prompt), which then will open a Secunia web page using "iexplore.exe" (Internet Explorer). This test asks you to click a link before the exploit will run, this however, is not required for the vulnerability to work. The vulnerability can be exploited completely automatically by simply visiting a web site. Result You are vulnerable if a new Internet Explorer window opens, displaying a new Secunia web page. Credits The test is based on PoC by ShredderSub7. PoC and test based on research by: * ShredderSub7 * Paul, Greyhats Security * Michael Evanchik * Roozbeh Afrasiabi * http-equiv ############### To see this article and to do the tests go to http://secunia.com/internet_explorer_command_execution_vulnerability_test/