Affected applications: Microsoft Internet Explorer 5.01, 5.5 & 6.0.
Note that any other application that uses Internet Explorer's engine (WebBrowser control) is affected as well (AOL Browser, MSN Explorer, etc.).

Discussion: We found that the above-mentioned parsing procedure has a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. Leading to potential arbitrary commands execution, local file reading & other severe consequences. However, Exploiting this procedure requires user-interaction. The user must click the URL presented to it by the resource for the malicious code to execute.

Solution: Microsoft was notified on 20-Feb-2003. They were able to reproduce this on IE6 Gold & all versions below it. We managed to reproduce it on all versions, including IE6 SP1, with no exceptions. They plan to fix this flaw in a future service pack.

Would you like to know more?