source: https://www.securityfocus.com/bid/4752/info
An issue exists in the way Microsoft Internet Explorer handles conflicting information in some HTTP headers used to describe non-HTML content. A malicious web server may provide content with misleading values in the content-type and content-disposition headers.
Under some circumstances, the result may be that IE will automatically download and execute attacker-supplied programs.
It has been demonstrated that this vulnerability can be exploited when Windows Media Player 6.4 or 7.1 is installed on the system.
This vulnerability may also be exploited through HTML formatted email.
This vulnerability could potentially be exploited by an HTTP header similar to the following:

Content-Type: audio/x-ms-wma
Content-disposition: inline; filename="foo.exe"
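
A detection check for the header conflict described above, for use in a proxy or log-review script. This is an added example, not part of the original advisory; the extension list, the media-type prefixes and the function names are assumptions chosen for illustration.

```python
import posixpath
from email.message import Message

# Assumed, non-exhaustive set of extensions Windows runs directly.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
# Assumed set of declared types that should never carry a program.
PASSIVE_PREFIXES = ("audio/", "video/", "image/", "text/")


def parse_headers(raw):
    """Load raw 'Name: value' response header lines into a Message."""
    msg = Message()
    for line in raw.splitlines():
        name, sep, value = line.partition(":")
        if sep:  # skips the status line and blank lines
            msg[name.strip()] = value.strip()
    return msg


def check_response(raw_headers):
    """Return (content_type, filename) when a passive media type is paired
    with an executable filename in Content-Disposition, else None."""
    msg = parse_headers(raw_headers)
    if "Content-Type" not in msg:  # header lookup is case-insensitive
        return None
    ctype = msg.get_content_type()  # lower-cased, parameters removed
    filename = msg.get_filename()  # filename= from Content-Disposition
    if not filename:
        return None
    # Keep only the last path component, whichever separator was used.
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows drops trailing dots and spaces, so "foo.exe." is still .exe
    ext = posixpath.splitext(base.lower().rstrip(". "))[1]
    if ext in EXECUTABLE_EXTS and ctype.startswith(PASSIVE_PREFIXES):
        return (ctype, base)
    return None


if __name__ == "__main__":
    # Constructed sample: the header pair quoted in the advisory.
    sample = ('Content-Type: audio/x-ms-wma\r\n'
              'Content-disposition: inline; filename="foo.exe"')
    print(check_response(sample))
```
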