November 19, 2004 12:00 AM

Multiple Vulnerabilities in Microsoft Internet Explorer 6

Windows IT Pro
InstantDoc ID #44564

Reported November 17, 2004, by cyber flash

VERSIONS AFFECTED

  • Microsoft Internet Explorer (IE) 6.0

DESCRIPTION
Two vulnerabilities have been discovered in IE that can be used to bypass a security feature in Windows XP Service Pack 2 (SP2) and trick users into downloading malicious files. These two vulnerabilities are:

  • Windows XP SP2 has a security feature that warns users when they open downloaded files of certain types. The problem is that, in some situations, users won't receive the security warning if the downloaded file was sent with a specially crafted Content-Location HTTP header.
  • An error when saving some documents using the JavaScript execCommand() function can be exploited to spoof the file extension in the Save HTML Document dialog box.

Successful exploitation requires that the "Hide extensions for known file types" option be enabled (the default setting). A malicious Web site can combine these two vulnerabilities to trick a user into downloading a malicious executable file masquerading as an HTML document.
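
The following added example (not part of the original advisory) audits a list of file names, or a download folder, for executables whose visible name looks like a document once known extensions are hidden. It assumes the masquerade shows up on disk as a document-style name followed by an executable extension; the extension lists, function names and sample names are constructed for illustration.

```python
import os

# Constructed extension lists for this example; adjust to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".hta", ".vbs"}
DOCUMENT_EXTS = {".htm", ".html", ".mht", ".txt", ".doc", ".pdf", ".jpg", ".gif"}


def split_real_ext(filename):
    """Return (stem, extension) after dropping trailing dots/spaces, which Windows ignores."""
    stem, ext = os.path.splitext(filename.rstrip(". "))
    return stem, ext.lower()


def displayed_name(filename, hide_known_exts=True):
    """Approximate the name a user sees when known extensions are hidden."""
    stem, ext = split_real_ext(filename)
    if hide_known_exts and ext in EXECUTABLE_EXTS | DOCUMENT_EXTS:
        return stem.rstrip()
    return filename


def is_masquerading(filename):
    """True if the real extension is executable but the visible name ends like a document."""
    stem, ext = split_real_ext(filename)
    if ext not in EXECUTABLE_EXTS:
        return False
    # Padding spaces before the real extension are a common way to push it out of view.
    _, inner_ext = os.path.splitext(stem.rstrip())
    return inner_ext.lower() in DOCUMENT_EXTS


def audit(filenames):
    """Return (real name, displayed name) for every suspicious entry."""
    return [(n, displayed_name(n)) for n in filenames if is_masquerading(n)]


def audit_directory(path):
    """Run the same check over a real folder, e.g. a browser download directory."""
    found = []
    for root, _dirs, files in os.walk(path):
        found += [(os.path.join(root, n), shown) for n, shown in audit(files)]
    return found


# Constructed sample listing, not taken from the advisory.
SAMPLE = ["setup.exe", "page.html", "invoice.html.exe", "Report.HTM   .SCR", "notes.txt"]

if __name__ == "__main__":
    for real, shown in audit(SAMPLE):
        print(f"{shown!r} is really {real!r}")
```
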
 

VENDOR RESPONSE
Microsoft has not released a fix or bulletin that addresses these vulnerabilities.

CREDIT
Discovered by cyber flash.

Comments
  • Anonymous User
    8 years ago
    Nov 25, 2004

    Is this like the Readers wives section?

  • Anonymous User
    8 years ago
    Nov 25, 2004

    Hm, 2 questions regarding the issues..:
    Before: no SP2
    After: there's SP2

    I just wonder whether it matters if there's SP2 or not. I mean, before, you didn't get the message about file downloads either (btw, it's a really annoying feature).
    The other question/update is: there was an error in Netscape (many years ago) and in Opera (probably half a year ago) where you were able to force the download location. I don't know if you want to write about it, but it isn't a security issue - for me(!) - if you are just able to change the extension. Example: create an HTML document with an .exe extension, save it with Save As (is that a problem? Not really - as I said: for me).

  • Anonymous User
    8 years ago
    Nov 24, 2004

    Mister 'screw IE', your razor-sharp intellectual comments have completely changed my opinion on this matter. You are truly a poet.

  • Anonymous User
    8 years ago
    Nov 24, 2004

    "Screw IE"??
    "Firefox rules??"

    Please restrict your posts to the under-12 "script-kiddy" area....

  • Anonymous User
    8 years ago
    Nov 24, 2004

    Screw IE. Firefox rules. IE is only useful for non-critical Windows updates, apart from that, it's obsolete!


Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.