|
COMMAND IE on Macintosh is prone to DoS by malicious webmasters SYSTEMS AFFECTED IE 5.0 and MacOS < X PROBLEM Jass Seljamaa posted : If you know the file path you can execute watever you want. What makes it difficult is that macintosh hard drives have different names, just like folders, not like on Windows - you can refer to the HD by typing c:\\. On OS 9(and above) there are a bunch of AppleScripts called \'speakable items\', which are made to make your life easier. They can be used for example to shut down the macintosh*, change the resolution, put computer to sleep(a energy- saving mode), close this window, close all windows etc. The default HD name is Macintosh HD(all systems I can remember). On OS 9(with the default configuration) the speakable item named Put Computer To Sleep lies in Macintosh Exploit: <META HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=file:///Macintosh%20HD/System%20Folder/Speakable%20Items/Put%20Computer%20To%20Sleep\"> This will blank the screen and spin down hard disk(s). SOLUTION None