Firefox. Since the hybrid renders as a valid image, Firefox tries to copy
the image to the desktop when dropped. By creating the image dynamicly and
forcing the content type image/gif, the file can be of any extension (e.g.
image.bat or image.exe).
The windows batch file parser is pretty forgiving. It just ignores the first
line of "gif trash" and executes whatever you append to the end of the
hybrid file.
http://www.securityfocus.com/a...389658/2005-02-05/2005-02-11/0
cookies to the ability to run arbitrary code on the client system
http://www.securityfocus.com/a...389657/2005-02-05/2005-02-11/0
DHTML game) you can silently toggle the status of boolean config parameters
http://www.securityfocus.com/a...389695/2005-02-05/2005-02-11/0
A jadnik šta ima da je izašao, ni 3 mjeseca? :>