Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft Internet Explorer File Contents Disclosure Vulnerability

Microsoft Internet Explorer File Contents Disclosure Vulnerability

by platon on June 15th, 2001 A vulnerability exists in Internet Explorer which could allow a malicious website operator to obtain data from a visiting user's system...



If a known local file on the client filesystem is referenced as script source, some of its contents can be read if they are formatted in a certain way. The contents have to be formatted as though script variables are being assigned values. If a file exists in this manner and resides in a known location, it is possible for a website operator to obtain some or all of it's contents.

Microsoft Security Response Center:


IE 5 is no longer supported - so unless this repro's on 5.01 or 5.5, we wouldn't consider doing anything for this.

[Homepage]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »