MHT Buffer Overflow in Internet Explorer

Status
Not open for further replies.

TS | Thomas

SUMMARY:
IE5 introduced the new 'Web Archive' format for storing web pages, which has the extension MHT. The 'Web Archive' saves a web page as a single document complete with all images. The format is a standard MIME/multipart e-mail message; a MIME decoding program such as a 7bit, 8bit & Base64 decoder should be able to turn it into something usable with your OS & browser of choice.

This format is pretty nifty & usable; however, there is a potential security breach when it is used with an encoded executable along with a malformed MIME header in the 'Web Archive'. If the encoded data is executable or has the single word "MZP" encoded within & Content-Type is not designated, IE5 will be terminated by a critical buffer overflow. Consequently, one could compromise the client PC by executing malicious code in memory.

AFFECTED SYSTEM:
Microsoft Internet Explorer 5.5 & 6.0; prior versions are not vulnerable.

WORKAROUND:
Currently none available.

Would you like to know more? Thanks PIVX.
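Added example, not part of the original post or the PIVX advisory: a pre-screening check a mail or web gateway could run on .mht files, flagging the two conditions the summary names (an encoded executable, and a part with no Content-Type). The function name and the sample archive are constructed for illustration.

```python
import email

EXE_MAGIC = b"MZ"  # DOS/PE header; the "MZP" named in the summary starts with it

# Constructed sample: an HTML part plus a base64 part that omits Content-Type.
# "TVpQ" is base64 for the three bytes "MZP".
SAMPLE = (
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/related; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Transfer-Encoding: 7bit\r\n"
    b"\r\n"
    b"<html><body>constructed sample</body></html>\r\n"
    b"--b1\r\n"
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"TVpQ\r\n"
    b"--b1--\r\n"
)

def suspicious_parts(mht_bytes):
    """Return (part_index, reason) for leaf MIME parts worth quarantining."""
    msg = email.message_from_bytes(mht_bytes)
    findings = []
    for index, part in enumerate(msg.walk()):
        if part.is_multipart():
            continue  # containers carry no payload of their own
        # decode=True undoes base64 / quoted-printable transfer encoding
        payload = part.get_payload(decode=True) or b""
        no_type = part.get("Content-Type") is None  # header absent, not defaulted
        is_exe = payload.startswith(EXE_MAGIC)
        if is_exe and no_type:
            findings.append((index, "executable payload without Content-Type"))
        elif is_exe:
            findings.append((index, "executable payload"))
        elif no_type:
            findings.append((index, "missing Content-Type"))
    return findings

if __name__ == "__main__":
    for index, reason in suspicious_parts(SAMPLE):
        print(f"part {index}: {reason}")
```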
 
Unfortunately not :( Microsoft seems to take forever to get around to some things, & for others they say, well, no, by our definition it requires too much interaction to be a security risk. Bah. If you want security, Opera seems to have a great record; they actually fix things.
 