Local file access and code execution in Microsoft Internet Explorer and Netscape/Mozilla XML component
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Local file access and code execution in Microsoft Internet Explorer and Netscape/Mozilla XML component
updated since 17.12.2001
Published:
11.10.2004
Source:
BUGTRAQ
SecurityVulns ID:
1629
Type:
client
Level:
6
/10
Description:
Microsoft's Microsoft.XMLHTTP and Mozilla XMLHttpRequest incorrectly handle redirection allowing to access local files.
Affected:
MICROSOFT
:
Internet Explorer 5.5
MICROSOFT
:
Internet Explorer 6.0
MOZILLA
:
Mozilla 0.9
NETSCAPE
:
Netscape 6.1
MOZILLA
:
Mozilla 1.0
NETSCAPE
:
Netscape 6.2
Original document
SECUNIA
,
[SA12765] Microsoft Internet Explorer Disclosure of Sensitive XML Information
(
11.10.2004
)
GreyMagic Software
,
Reading local files in Netscape 6 and Mozilla (GM#001-NS)
(
30.04.2002
)
MICROSOFT
,
Security Bulletin MS02-008
(
24.02.2002
)
Jouko Pynnonen
,
MSIE may download and run programs automatically - details
(
15.01.2002
)
jelmer
,
More reading of local files in MSIE
(
05.01.2002
)
CERT
,
Advisory CA-2001-36 Microsoft Internet Explorer Does Not Respect Content-Disposition and Content-Type MIME Headers
(
20.12.2001
)
MICROSOFT
,
13 December 2001 Cumulative Patch for IE
(
18.12.2001
)
jelmer
,
MSIE6 can read local files
(
17.12.2001
)
Files:
Internet Explorer file reading demonstration
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
