Title: Microsoft Internet Explorer MHTML Content-Location Cross Security Domain Scripting Vulnerability
Severity: MODERATE
Description:
Microsoft Internet Explorer is reported prone to a cross security domain scripting vulnerability. The issue is reported to present itself when a malicious MHTML file is rendered.
A proof of concept for this issue employs a Content-Location value in an MHTML file that contains a 'news:' protocol URI in the style of 'news://example/'. It is reported that a Content-Location value that appears to be a local hostname will trick Internet Explorer into executing the script contained in the MHTML file in the Intranet security zone.
Symantec analysts have observed that the MHTML file may need to be enclosed in a zip archive when it is downloaded in order for this zone bypass to occur. The implication of this issue is that attacker-supplied script code may bypass the browser security checks that enforce the same-origin policy or restrict cross-zone script access.
This issue is reported to affect Microsoft Internet Explorer when it is installed on a computer that is running Microsoft Windows XP Service Pack 2.
This BID will be updated as further analysis of this vulnerability is completed.
Affected Products:
- Microsoft Internet Explorer 6.0 SP1
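A defensive check for the pattern described above, as an added example that is not part of the original advisory: it parses MHTML as MIME, including .mht/.mhtml members of a zip archive, and flags any Content-Location that uses the 'news:' scheme with a dotless, local-looking hostname. The function names, the size cap and the inert sample file are assumptions constructed for illustration.

```python
import email
import io
import zipfile
from urllib.parse import urlsplit

SUSPECT_SCHEMES = {"news"}      # scheme the advisory's proof of concept uses
MAX_MEMBER = 10 * 1024 * 1024   # assumed cap on archive members we unpack

# Constructed sample: an inert MHTML file with the Content-Location style described.
SAMPLE = (b"MIME-Version: 1.0\r\n"
          b'Content-Type: multipart/related; boundary="b1"\r\n\r\n'
          b"--b1\r\nContent-Type: text/html\r\n"
          b"Content-Location: news://example/\r\n\r\n"
          b"<html><body>constructed sample</body></html>\r\n--b1--\r\n")


def suspicious_locations(mhtml_bytes):
    """Return Content-Location values with a flagged scheme and a dotless
    host, i.e. one that reads as a local (intranet) machine name."""
    hits = []
    for part in email.message_from_bytes(mhtml_bytes).walk():
        loc = str(part.get("Content-Location", "")).strip()
        try:
            url = urlsplit(loc)
        except ValueError:      # malformed URL, nothing to classify
            continue
        host = url.hostname or ""
        if url.scheme in SUSPECT_SCHEMES and host and "." not in host:
            hits.append(loc)
    return hits


def scan(name, data):
    """Scan one file; for a zip archive, scan the .mht/.mhtml members inside."""
    members = {name: data}
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = {f"{name}!{i.filename}": zf.read(i) for i in zf.infolist()
                       if i.filename.lower().endswith((".mht", ".mhtml"))
                       and i.file_size <= MAX_MEMBER}
    found = {k: suspicious_locations(v) for k, v in members.items()}
    return {k: v for k, v in found.items() if v}


def zipped(member_name, data):
    """Helper for trying the scanner: wrap bytes in an in-memory zip archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, data)
    return buf.getvalue()
```

Calling scan("download.zip", zipped("page.mht", SAMPLE)) returns {"download.zip!page.mht": ["news://example/"]}; a file whose Content-Location is an ordinary dotted HTTP URL returns an empty result.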