
Microsoft Internet Explorer MIME Type File Extension Spoofing Vulnerability

by Nikola Strahija on February 14th, 2002

Microsoft Internet Explorer uses the Content-Type and Content-Disposition HTML header fields to determine the file type of non-HTML files referenced by a website. These two content headers make up the MIME type of the file.


It is possible to insert information into the Content-Type and Content-Disposition fields that would tell Internet Explorer that a file being downloaded is of a different type than it actually is. This would not cause the file to be executed automatically, but could trick a vulnerable user into believing that they are downloading a text file instead of an executable file.

This vulnerability was originally believed to be the same as the one reported in Bugtraq ID 3597, but was later found to be a different method of achieving the same goal.
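The mismatch described above can be checked for at a proxy or in download-handling code by comparing what the two headers declare with what the payload actually is. The following is an added example, not part of the original advisory or of Microsoft's patch; the extension lists, finding names and sample responses are constructed assumptions.

```python
import os
from email.message import Message

# Assumed lists for illustration; neither comes from the advisory.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
BENIGN_PREFIXES = ("text/", "image/", "audio/", "video/")


def declared_identity(content_type, content_disposition=None):
    """Return (mime_type, filename) as declared by the two headers."""
    msg = Message()
    msg["Content-Type"] = content_type
    if content_disposition:
        msg["Content-Disposition"] = content_disposition
    return msg.get_content_type(), msg.get_filename()


def audit_download(content_type, content_disposition, body):
    """List the ways the declared identity disagrees with the payload."""
    mime, filename = declared_identity(content_type, content_disposition)
    ext = os.path.splitext(filename or "")[1].lower()
    looks_benign = mime.startswith(BENIGN_PREFIXES)
    is_pe = body[:2] == b"MZ"  # DOS/PE executable magic bytes
    findings = []
    if is_pe and looks_benign:
        findings.append("type-vs-body")      # harmless type, executable body
    if is_pe and filename and ext not in EXECUTABLE_EXTS:
        findings.append("filename-vs-body")  # harmless name, executable body
    if looks_benign and ext in EXECUTABLE_EXTS:
        findings.append("type-vs-filename")  # the two headers disagree
    return findings


# Constructed sample responses (not captured traffic).
SAMPLES = [
    ("text/plain", 'attachment; filename="readme.txt"', b"MZ\x90\x00\x03"),
    ("text/plain", 'attachment; filename="setup.exe"', b"MZ\x90\x00\x03"),
    ("application/octet-stream", 'attachment; filename="setup.exe"', b"MZ\x90\x00"),
    ("text/plain", 'attachment; filename="notes.txt"', b"hello\n"),
]

if __name__ == "__main__":
    for ctype, cdisp, body in SAMPLES:
        print(ctype, "|", cdisp, "->", audit_download(ctype, cdisp, body))
```

An empty result means the declared type, the suggested filename and the leading bytes of the body are consistent with each other.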

Remote: Yes

Exploit: There is no exploit code.

Solution: Microsoft has released a patch to address this issue:



Microsoft Internet Explorer 5.0.1SP2:

Microsoft Patch q316059_IE 5.01
http://download.microsoft.com/download/ie501sp2/secpac25/5.01_sp2/NT5/EN-US/q316059.exe

Microsoft Internet Explorer 5.5SP2:

Microsoft Patch q316059_IE 5.5SP2
http://download.microsoft.com/download/ie55sp2/secpac25/5.5_sp2/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 5.5SP1:

Microsoft Patch q316059_IE 5.5SP1
http://download.microsoft.com/download/ie55sp1/secpac25/5.5_sp1/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 6.0:

Microsoft Patch q316059_IE6
http://download.microsoft.com/download/IE60/secpac25/6/W98NT42KMeXP/EN-US/q316059.exe


