SUMMARY:
IE5 introduced the new 'Web Archive' format for storing web pages, which have the extension MHT. The 'Web Archive' saves a web page as a single document complete with all images. The format is a standard mime/multipart e-mail message, a mime decoding program such as 7bit, 8bit & Base 64 decoder should be able to turn it into something usable with your OS & browser of choice.

This format is pretty nifty & usable, however, there is a potential security breach found when used with encoded executable along with malformed MIME header in the 'Web Archive'. If the encode data is executable or has a single word "MZP" encoded within & Content-Type is not designated, IE5 will be terminated by critical buffer overflow. Consequently, one could compromise the client pc by executing malicious code in the memory.

AFFECTED SYSTEM:
Microsoft Internet Explorer 5.5 & 6.0; prior versions are not vulnerable.

WORKAROUND:
Currently none available.

Would you like to know more? Thanks PIVX.

these days, so many security patches. :blackeye:

Unfortunately not Microsoft seems to take forever to get around to some things & others they say, well, no by our definition it requires too much interaction to be a security risk. Bah. If you want security Opera seems to have a great record, they actually fix things.