Monday, March 01, 2010

Exploit thought: .com is both domain and Windows executable extension

A site in the .com domain can save a page to a file name equal to the domain name. If that file happen to be valid .com executable that might be executed by a user easily...

No comments: