Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote malicious users to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.5 |
||
avaya ip600 media servers |
||
microsoft internet explorer 5.0.1 |
||
microsoft internet explorer 6.0 |
||
microsoft ie 6.0 |
||
avaya definity one media server |
||
avaya s3400 |
||
avaya s8100 |
||
nortel ip softphone 2050 |
||
microsoft windows 2000 |
||
nortel mobile voice client 2050 |
||
nortel optivity telephony manager |
||
microsoft windows 2003 server enterprise |
||
microsoft windows 98se |
||
microsoft windows me |
||
microsoft windows xp |
||
nortel symposium web centre portal |
||
nortel symposium web client |
||
microsoft windows 2003 server enterprise_64-bit |
||
microsoft windows 2003 server r2 |
||
microsoft windows 2003 server web |
||
microsoft windows 98 |
||
avaya modular messaging message storage server 1.1 |
||
avaya modular messaging message storage server 2.0 |
||
microsoft windows 2003 server standard |