Results 1 to 2 of 2

Thread: um, was that a bug?

  1. #1

    Question um, was that a bug?

    Hello everybody. Couple of hours I was fooling around with JavaScript (in M$ FrontPage 98, scince nothing else was at hand's reach at that moment) and I found an interesting thing, I was writing a code in JS to open up a new small window on loading:
    <body onLoad="newWin=window.open('here is a space ', 'message', toolbar=0, status=0, width=100,height=120);">
    And if you leave a space where a url of the incoming page should be located, M$ opens up a temp directory, does this lead to vunurability of remote access to files on other peoples disks?
    I've heard of JavaScript Vulnurabilities, that allow malicious webmasters to view other people drives, but well what are your ideas?
    Or is this a compliment of M$?
    [glowpurple]Terrible end is better than endless terror! [/glowpurple]

  2. #2
    Senior Member
    Join Date
    Dec 2001
    hmm... i tried this and i got a blank window. I don't think there is anyway to exploit this and view someones harddrive. Now say you told it to open up a window with a java chat client you modified. The user would have to give the client permission to run but most ppl would just say yes to the permission box. That wud be a way to get remote acess.
    Just my two cents,

    [glowpurple]\"Your Smallest Flaw is my greatest Strength.\" - Me[/glowpurple]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts