Microsoft Internet Explorer 6 – Codebase Double Backslash Local Zone File Execution
漏洞ID | 1054268 | 漏洞类型 | |
发布时间 | 2003-11-25 | 更新时间 | 2003-11-25 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Windows | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10344/info
A vulnerability has been reported that may potentially permit HTML documents to gain unauthorized access to local resources by using specific syntax when referencing said resource as a value for the CODEBASE object property. Under certain conditions, this could be exploited to reference executable content on the victim system.
In particular, by pre-pending two backslash characters (\) to the resource path, it may be possible to invoke the resource. This syntax is reportedly still valid despite patches to limit other means of allowing remote users to reference local content on client systems.
This works if the resource is invoked from the Local Zone, so other vulnerabilities are required to bypass Zone restrictions and cause malicious content to be executed in the Local Zone. BIDs 9658, 9320, 9105, and 9107 could all theoretically be exploited in combination with this issue, potentially allowing for execution of arbitrary code on the client system if properly exploited.
Attacks that exploit this issue in tandem with other vulnerabilities may be executed through Internet Explorer or HTML email via Outlook/Outlook Express.
Note: This BID initially included a proof-of-concept that was published by Roozbeh Afrasiabi that caused a .CHM file to be referenced from the Internet Zone. Further research has determined that this is a new, distinct vulnerability and BID 10348 has been created to describe this issue.
file://[SysDrive]:\[INTERNET CACHE PATH]CONTENT.IE5EXE.EXE
mhtml:file://[SysDrive]:\[INTERNET CACHE PATH]CONTENT.IE5MHT.MHT!file:///C:EXE.EXE
相关推荐: Microsoft Internet Explorer Multimedia Page Cross-Site Scripting Vulnerability
Microsoft Internet Explorer Multimedia Page Cross-Site Scripting Vulnerability 漏洞ID 1101098 漏洞类型 Input Validation Error 发布时间 2002-…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666