TS | Thomas
Posts: 1,318 +2
Affected applications: Microsoft Internet Explorer 5.01, 5.5 & 6.0.
Note that any other application that uses Internet Explorer's engine (WebBrowser control) is affected as well (AOL Browser, MSN Explorer, etc.).
Discussion: We found that the above-mentioned parsing procedure has a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. Leading to potential arbitrary commands execution, local file reading & other severe consequences. However, Exploiting this procedure requires user-interaction. The user must click the URL presented to it by the resource for the malicious code to execute.
Solution: Microsoft was notified on 20-Feb-2003. They were able to reproduce this on IE6 Gold & all versions below it. We managed to reproduce it on all versions, including IE6 SP1, with no exceptions. They plan to fix this flaw in a future service pack.
Would you like to know more?
Note that any other application that uses Internet Explorer's engine (WebBrowser control) is affected as well (AOL Browser, MSN Explorer, etc.).
Discussion: We found that the above-mentioned parsing procedure has a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. Leading to potential arbitrary commands execution, local file reading & other severe consequences. However, Exploiting this procedure requires user-interaction. The user must click the URL presented to it by the resource for the malicious code to execute.
Solution: Microsoft was notified on 20-Feb-2003. They were able to reproduce this on IE6 Gold & all versions below it. We managed to reproduce it on all versions, including IE6 SP1, with no exceptions. They plan to fix this flaw in a future service pack.
Would you like to know more?