cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files.
1) Microsoft Windows XP SP2 has a security feature, which warns users when opening downloaded files of certain types. The problem is that if the downloaded file was sent with a specially crafted "Content-Location" HTTP header or referenced using a specially crafted URL, then in some situations, no security warning will be displayed when the file is opened.
Successful exploitation requires that the option "Hide extension for known file types" is enabled (default setting).
A combination of vulnerabilities 1 and 2 can be exploited by a malicious web site to trick a user into downloading a malicious executable file masqueraded as a HTML document.
The vulnerabilities have been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2.
Solution: Disable Active Scripting support and the "Hide extension for known file types" option.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Microsoft Internet Explorer Two Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.