Flooding Internet Explorer 6

By Thomas McGuire on May 18, 2003, 12:23 PM
Vulnerability
I've noticed that on my test environment it is possible to bypass Internet Explorer Zones protection by flooding it with large number of file:// requests in example to infected fileserver. The result of this bypass is EXECUTION OF ANY REQUESTED FILE. My requested file was 'trojan.exe' placed on neighbour WIN2K Professional workstation. To see code used during the test check files in attached archive.

On IE 6.0 the result was always the same, after more than 200 dialog boxes with 'trojan.exe' request, suddenly requested file got executed. For the purpose of this test I've used 2 Win2K & WinXP workstations with Internet Explorer 6.0.2800.1106 (I believe that's most recent version of IE) & on both workstations opening the 'dmz1.html' file trough LAN share resulted in executing 'trojan.exe' application. My Internet Security Zone was set to "MEDIUM".

Would you like to know more?

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.