Multiple Vulnerabilities in Microsoft Internet Explorer 5.5 and 6.0
Multiple vulnerabilities exist in IE 5.5 and 6.0
December 18, 2001
Reported December 13, 2001, by Microsoft.
VERSIONS AFFECTED
· Microsoft Internet Explorer 6.0
· Microsoft Internet Explorer 5.5
DESCRIPTION
Three new vulnerabilities exist in Microsoft Internet Explorer (IE) 6.0 and 5.5. The first vulnerability results from a problem in the way that IE handles the Content-Type and Content-Disposition header fields in an HTML stream. By modifying these fields in a specific way, an attacker can fool IE into thinking that the file is a different file type and can open harmful files. To work around this problem, users must disable file downloads completely under the appropriate IE security zones. The second problem involves a variant of the Frame Domain Verification vulnerability that lets a malicious intruder use a Website to read any file on the local computer. The third vulnerability involves a problem with the filenames that IE displays in the File Download dialog box. In an attempt to trick the user, an attacker can use this vulnerability to misrepresent the name of the file presented for download.
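The following Python check is an added example, not part of Microsoft's bulletin or of this advisory. The advisory does not state the exact header modification, so the check audits the general class of problem at a proxy or in a log review: a response whose Content-Type and Content-Disposition disagree about what the file is. The extension list, the type list and the sample headers are assumptions made for the example.

```python
import os
from email.message import Message

# Assumed policy lists for this example; they are not taken from the advisory.
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".cmd", ".pif", ".scr", ".vbs", ".hta"}
PASSIVE_TYPES = ("text/", "image/", "audio/", "video/")


def parse_headers(raw):
    """Parse 'Name: value' lines into a Message, keeping duplicate headers."""
    msg = Message()
    for line in raw.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            msg[name.strip()] = value.strip()
    return msg


def audit_response(raw):
    """Return findings where the two headers disagree or are ambiguous."""
    msg = parse_headers(raw)
    findings = []
    for header in ("Content-Type", "Content-Disposition"):
        if len(msg.get_all(header, [])) > 1:
            findings.append(f"duplicate {header}")
    ctype = msg.get_content_type() if "Content-Type" in msg else None
    if ctype is None:
        findings.append("missing Content-Type")
    # filename= of Content-Disposition, else name= of Content-Type
    filename = msg.get_filename()
    if filename and ctype:
        ext = os.path.splitext(filename)[1].lower()
        if ext in EXECUTABLE_EXTS and ctype.startswith(PASSIVE_TYPES):
            findings.append(f"{ext} file declared as {ctype}")
    return findings


# Constructed sample header blocks, not captured traffic.
CONSISTENT = 'Content-Type: application/octet-stream\nContent-Disposition: attachment; filename="setup.exe"'
MISMATCH = 'Content-Type: text/plain\nContent-Disposition: attachment; filename="notes.exe"'
DUPLICATE = 'Content-Type: text/html\nContent-Type: application/octet-stream\nContent-Disposition: attachment; filename="page.html"'

if __name__ == "__main__":
    for label, raw in (("consistent", CONSISTENT), ("mismatch", MISMATCH), ("duplicate", DUPLICATE)):
        print(label, audit_response(raw))
```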
VENDOR RESPONSE
The vendor, Microsoft, has released Security Bulletin MS01-058 to address these vulnerabilities and recommends that affected users apply the patch provided at this URL. This patch is a cumulative roll-up of all patches the company has previously issued for these versions of IE. Microsoft no longer supports previous versions of IE.
CREDIT
Discovered by Jouko Pynnonen, Juan Carlos G. Cuartango, and Jesús López de Aguileta.