Remote Code Execution from a link on Finjan.com

Go to http://www.finjan.com/Content.aspx?id=577
and navigate to the link: VBDemo.htm.
Click it, and what happens is that a folder gets created off of your C: drive. A file gets created, listing the other folders that exist off of your C: drive.
All this happens with CIS fully enabled.
Could someone tell me what settings I can tweak in CIS to prevent this remote code execution like this from happening ?
Thanks.

Simply use another browser. I sujest you use Opera (Opera Web Browser | Faster, Safer, Smarter | Opera ) as it’s capable of passing it :slight_smile:

Xan

Pass. 8)

http://i40.tinypic.com/2hxok0p.png

BTW there are still peoples with IE? :o

Like Burebista, I’m using Firefox and get the same results in the posted screenshot.

IE can be as safe as any:

As far as IE8 in Vista is concerned, the finjan test brings up a false positive. The “medium high” security setting will block the Microsoft script runtime from running. I am sure of this because there is no “finjan” folder in my C: drive - and the yellow box notifier in the browser.

http://i41.tinypic.com/2he9bus.jpg

The tweak would be switching to “COMODO - Firewall Security” policy and treating iexplore.exe as a “Limited Application” by using the computer security policy. This will make sure of safe browsing experience.

By default, since there is CAV, we intentionally lowered down some of the defenses so that CIS prevents new infections.

Egemen

This has nothing to do with your browser, it’s about the configuration. Here’s Internet Explorer 6, with CIS disabled.

http://i41.tinypic.com/2ng6glu.png

Yes, the default settings are lax.

You mean by setting the IE Internet zone setting to high? and has anyone verified my test?