[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-Disclosure] CD-ROM drive opens
From:       "Thor Larholm" <thor () pivx ! com>
Date:       2003-06-26 11:02:13
[Download RAW message or body]

From: "Thor Larholm" <thor@pivx.com>
> Windows Media Player exposes several objects and methods to scripting
> through a safe-for-scripting, signed ActiveX control. Among those objects
> are the CD drive objects, which each have an Eject method. This is
> documented functionality in WMP, if you want to you can easily push the
> drive in and out in a constant cycle.
>
> If you don't like the features then don't use the product :)
>
> I remember people asking questions about ejecting CD drives back in 2000,
> and remember putting up an example in early 2001 (
> http://jscript.dk/2001/3/cdrom.jpg ).

Though undocumented currently, I can now confirm that Microsoft has removed
this functionality through the recently released MS03-021 bulletin.

http://www.microsoft.com/technet/security/bulletin/MS03-021.asp

MS03-021 fixes a vulnerability found by jelmer, as well as removing the
ability to eject CD drives from webpages.



Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]