Microsoft Internet Explorer Scriptlet Rendering Vulnerability

Aug 07, 2000

By design, the Scriptlet Component of Microsoft Internet Explorer (the ActiveX control that invokes scriplets) is only supposed to render HTML files. However, it will render any file type, which means a malicious website operator may gain read access to known files on a remote system by injecting valid HTML code into a file that would be run at the privilege level of the Local Computer Zone. Here's more details and directions to the Microsoft patch.

Microsoft Internet Explorer Scriptlet Rendering Vulnerability (information and patch)

Latest ColdFusion Talk (CF-Talk)

Question for UK List Members
query of query strange error
Files are getting uploaded full of zeros after CF9 upgrade
cfmail to Exchange using TLS
How to prevent cfhtmlhead content from being inserted into cfmail
Excel 2003/2007 Recalculating Interaction
Coldfusion Hosting
Problems verifying integers
CFHIGHCHARTS
Need to get at browser size and Flash support

Latest ColdFusion Jobs (CF-Jobs)

Mid to Sr Level Web Application De veloper – position 3510-1 - CA or NC
Contract to Hire in Irvine, CA
Telecommute Contract Position - Mid to Experienced ColdFusion Programmers Only
Need a Coldfusion Developer at Woodlawn MD for a Long Term Contract
(JOB) ColdFusion Programmer Needed (Ocean Isle Beach, NC) Raleigh,NC
Cold Fusion SQL Server and JavaScript Developer
(JOB) ColdFusion Programmer Needed (Ocean Isle Beach,NC) Wilmington,NC
*** Professional Services Available For Hire
(2) ColdFusion Experts to support FAA Senior Executives
(JOB) ColdFusion Developer in Florida!!!

Want a number like 800-ColdFusion?

My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?