another IE weakness exposed

Discussion in 'Windows Desktop Systems' started by Heeter, Jan 29, 2004.

  1. Heeter

    A cut 'n' paste from Bink.nu.

    Critical: Moderately critical
    Impact: Security Bypass

    Where: From remote

    Software: Microsoft Internet Explorer 6

    Description:
    http-equiv has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files.

    The problem is that Internet Explorer can be tricked into opening a file with a different application than indicated by the file extension. This can be done by embedding a CLSID in the file name. This could be exploited to trick users into opening "trusted" file types which are in fact malicious files.

    Secunia has created an online test:
    http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

    This has been reported to affect Microsoft Internet Explorer 6.

    NOTE: Prior versions may also be affected.

    Solution:
    Do not use "Open" file; always save files to a folder, as this reveals the suspicious filename.

    Provided and/or discovered by:
    http-equiv


    News Source: MSFN.org


    Heeter
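
An added example, not part of the original post or the advisory it quotes: a small Python check that flags download names containing a brace-delimited CLSID, the condition the advisory describes. The function names, the sample file names and the all-zero placeholder CLSID are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Textual form of a Windows CLSID: a GUID wrapped in braces.
CLSID_RE = re.compile(
    r"\{[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-"
    r"[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}\}"
)

def decode_fully(name, max_rounds=3):
    """Undo up to max_rounds layers of percent-encoding (%7B -> '{')."""
    for _ in range(max_rounds):
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    return name

def inspect_filename(raw_name):
    """Describe a download name and flag any CLSID embedded in it."""
    name = decode_fully(raw_name)
    base = re.split(r"[\\/]", name)[-1]          # drop any path prefix
    clsids = [c.upper() for c in CLSID_RE.findall(base)]
    shown_ext = base.rsplit(".", 1)[-1].lower() if "." in base else ""
    return {
        "name": base,
        "shown_extension": shown_ext,            # what the user believes it is
        "clsids": clsids,
        "suspicious": bool(clsids),
    }

def scan(names):
    """Return reports only for names that carry an embedded CLSID."""
    reports = (inspect_filename(n) for n in names)
    return [r for r in reports if r["suspicious"]]

# Constructed sample names; the all-zero GUID is a placeholder, not a real handler.
PLACEHOLDER = "{00000000-0000-0000-0000-000000000000}"
SAMPLES = [
    "holiday." + PLACEHOLDER + "photo.jpg",
    "invoice%257B00000000-0000-0000-0000-000000000000%257D.pdf",  # double-encoded
    "notes.txt",
    "archive{v2}.zip",                            # braces, but not a CLSID
]

if __name__ == "__main__":
    for report in scan(SAMPLES):
        print(f"{report['name']!r}: shown as .{report['shown_extension']}, "
              f"embedded CLSID {report['clsids']}")
```

The same check can run in a download proxy or mail gateway against the name the server supplies, before the file reaches a browser prompt.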
     
  2. Reg

    I've seen that before back in the day with IE5. I'm surprised they haven't fixed that by now. Well, good thing I don't use IE.
     
  3. Xie

    How can an exploit in the day and age of spam/IRC, and other places ppl are exposed to a never-ending spam of URLs, be only "Moderately critical" when they could be clicking what they think is a harmless jpg and instead is an exe that destroys everything on their computer or turns it into a DDoS zombie?