Microsoft Internet Explorer showHelp() '..' Directory Traversal Flaw Lets Remote Users Execute Files on the Target System
Category: Vulnerability
Posted: 2004-01-05 by ReCall
Details
Description: A vulnerability was reported in Microsoft Internet Explorer in the showHelp() function. A remote user can execute arbitrary files on the target system.
Arman Nayyeri reported that a remote user can create HTML that exploits a directory traversal flaw in the showHelp() implementation to execute arbitrary specified 'chm' files on the target system. The files will run in the Local Computer security zone with the privileges of the target user.
A demonstration exploit method for running 'chm' files located on the system drive is provided:
showHelp("mk:@MSITStore:iexplore.chm: :........chmfile.chm::/fileinchm.html");
According to the report, the target 'chm' file is not required to have a '.chm' file extension if the double colon string ('::') is used in the showHelp() call.
Impact: A remote user can create HTML that, when loaded by the target user, will execute known compiled help files (chm files) on the target user's system.
Solution: No solution was available at the time of this entry.
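With no fix available, one interim control is to flag showHelp() calls that combine a compiled-help URL with '..' path segments in HTML passing through a proxy or mail gateway. The scanner below is an added example, not part of the original report; the sample markup, the placeholder names (sample.dat, topic.htm, page.html), the ms-its:/its: scheme coverage and the "chained-storage" heuristic are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# First quoted argument of a showHelp(...) call in HTML or script text.
SHOWHELP_ARG = re.compile(r"""showHelp\s*\(\s*(["'])(.*?)\1""", re.I | re.S)
# mk:@MSITStore: is the scheme in the advisory; ms-its: and its: are other
# names for the same compiled-help handler, covered here as an assumption.
CHM_SCHEME = re.compile(r"^\s*(mk:@msitstore:|ms-its:|its:)", re.I)

# Constructed sample markup; file and topic names are placeholders.
SAMPLE_PAGE = r'''
<a onclick='showHelp("mk:@MSITStore:iexplore.chm::/topic.htm")'>Help</a>
<script>showHelp("mk:@MSITStore:iexplore.chm::..\\..\\sample.dat::/page.html");</script>
<script>showHelp('mk:@MSITStore:iexplore.chm::%2e%2e%5c%2e%2e%5csample.dat::/page.html');</script>
<script>showHelp("docs/index.htm");</script>
'''


def normalise(arg):
    """Undo encodings that would hide '..' from a plain substring match."""
    arg = unquote(arg)                  # %2e%2e and %5c
    arg = arg.replace("\\\\", "\\")     # JavaScript-escaped backslash
    return arg.replace("\\", "/")       # single separator style


def find_showhelp_traversal(text):
    """Return [(raw_argument, reasons)] for suspicious showHelp() calls."""
    findings = []
    for match in SHOWHELP_ARG.finditer(text):
        raw = match.group(2)
        norm = normalise(raw)
        if not CHM_SCHEME.match(norm):
            continue                    # not a compiled-help URL
        reasons = []
        # Split on '/' and '::' so a '..' directly after '::' is a segment.
        if ".." in re.split(r"/|::", norm):
            reasons.append("traversal")
        # Heuristic (assumption): an ordinary help URL has one '::'
        # separator, and the advisory's form has two. The extension is not
        # checked because the target need not end in '.chm'.
        if norm.count("::") > 1:
            reasons.append("chained-storage")
        if reasons:
            findings.append((raw, reasons))
    return findings


if __name__ == "__main__":
    for raw, reasons in find_showhelp_traversal(SAMPLE_PAGE):
        print(",".join(reasons), raw)
```

The ordinary help link and the non-CHM call in the sample are not reported; both traversal forms are, including the percent-encoded one.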