Home › News › Industry News

MHT Buffer Overflow in Internet Explorer

On March 23, 2003, 3:22 PM

SUMMARY:
IE5 introduced the new 'Web Archive' format for storing web pages, which have the extension MHT. The 'Web Archive' saves a web page as a single document complete with all images. The format is a standard mime/multipart e-mail message, a mime decoding program such as 7bit, 8bit & Base 64 decoder should be able to turn it into something usable with your OS & browser of choice.

This format is pretty nifty & usable, however, there is a potential security breach found when used with encoded executable along with malformed MIME header in the 'Web Archive'. If the encode data is executable or has a single word "MZP" encoded within & Content-Type is not designated, IE5 will be terminated by critical buffer overflow. Consequently, one could compromise the client pc by executing malicious code in the memory.

AFFECTED SYSTEM:
Microsoft Internet Explorer 5.5 & 6.0; prior versions are not vulnerable.

WORKAROUND:
Currently none available.

Would you like to know more? Thanks PIVX.

No tags on this story

Next Article: Warp2Search Updates

2 comments

User Comments: 2

Got something to say? Post a comment

March 23, 2003 7:39 PM

warr said:

these days, so many security patches. :blackeye:

Reply
March 24, 2003 10:29 AM

TS | Thomas said:

Unfortunately not :( Microsoft seems to take forever to get around to some things & others they say, well, no by our definition it requires too much interaction to be a security risk. Bah. If you want security Opera seems to have a great record, they actually fix things.

Reply

Recently commented stories

TechSpot on:

Most Popular

Trending

Featured

Featured on Laptops

Downloads and Drivers

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

Wireless capability keeps turning off 21 replies on Storage and Networking

Need advice on router-buy 10 replies on Storage and Networking

Zotac gtx 660 fan problem 6 replies on Audio and Video

Overclocking i7-3770k, question about speedfan 7 replies on Overclocking, Cooling and Modding

Upgrading my computer 8 replies on Processors and Motherboards

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

MHT Buffer Overflow in Internet Explorer

Next Article: Warp2Search Updates

User Comments: 2

Post a new comment

TechSpot on:

Most Popular

GeForce GTX 780 Review: The Titan Descendant

OCZ Vertex 450 Review: Vector-like Performance For Less

AMD A4-5000 Review: The affordable ultraportable APU

Apple claims Samsung violates Siri patents with Google Now

Apple's iOS 7 to be "black, white and flat all over"

AMD A4-5000 Review: Kabini, the mainstream APU

OCZ Vertex 450 SSD Review

Nvidia GeForce GTX 780 Review

Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?

Metro: Last Light Performance, Benchmarked

Featured on Laptops

77 Lenovo ThinkPad X1 Carbon Touch

79 Lenovo IdeaPad Yoga 13

75 Asus VivoBook S400CA

89 Apple MacBook Pro 15" Retina - Summer 2012

85 Apple MacBook Air 13.3 inch - Summer 2012

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.