Liu Die Yu

7 exploits Active since Feb 2004
EIP-2026-118825 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 6 - Codebase Double Backslash Local Zone File Execution
EIP-2026-118810 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 5 - Document Reference Zone Bypass
CVE-2003-0816 EXPLOITDB html WORKING POC
Internet Explorer 6 SP1 - Auth Bypass
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability.
CVE-2004-0380 EXPLOITDB text WRITEUP
Microsoft Outlook Express <6 - Auth Bypass
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
EIP-2026-118826 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 6 - Double Slash Cache Zone Bypass
EIP-2026-118831 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 6 - Local Resource Reference
CVE-2008-4582 EXPLOITDB html WORKING POC
Debian Linux - Access Control
Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory and (b) about:cache?device=disk, a variant of CVE-2008-2810.