Black Hat DC 2010: Internet Explorer turns your personal computer into a public file server 1/7
Speakers: Jorge Luis, Alvarez Medina
In this presentation we will show how an attacker can read every file of your file system if you are using Internet Explorer. This attack leverages different design features of Internet Explorer entailing security risks that, while low if considered isolated, lead to interesting attack vectors when combined altogether. We will also disclose and demonstrate proof of concept code developed for the scenarios proposed.
For more information go to the BlackHat 2010 DC archive http://bit.ly/aNhakO