Title: Microsoft Internet Explorer FTP Protocol Handler Local File Disclosure Weakness
Severity: MODERATE
Description:
Microsoft Internet Explorer contains a weakness that may allow remote attackers to disclose directory contents on the local system. This issue may be combined with other vulnerabilities to disclose sensitive information or reference previously placed malicious files on the system.
It is reported that this issue may be triggered through the 'SRC' attribute of an IFRAME: an attacker supplies an 'ftp://' URI containing '../' character sequences so that the frame loads a local directory listing rather than a remote FTP resource. It should be noted that the attacker must also be able to read properties of the IFRAME remotely for the disclosure to succeed; since the frame contents load in a different security zone, this typically requires exploiting a separate zone-bypass vulnerability.
Another attack scenario could involve an attacker placing a malicious file on a vulnerable system and then using this technique to determine the file's location. This also requires the attacker to exploit some other vulnerability, or to entice a user into downloading a malicious file, before using this weakness to reference the local file.
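As an added example that is not part of the advisory, the following JavaScript shows the kind of check a content filter or outbound proxy could apply to page markup: it flags IFRAME 'SRC' values that use the 'ftp:' scheme together with a '..' path segment, including percent-encoded ('..%2F') and backslash-separated variants, while leaving ordinary FTP links and 'http://' traversal alone. The hostnames and the sample markup are constructed for the example.

```javascript
// Added example (not from the advisory): detect IFRAME SRC attributes that
// combine the ftp:// handler with '../' traversal. The sample markup and the
// *.example.invalid hostnames are constructed for this illustration.

// Capture the SRC value of each IFRAME, whether double-quoted, single-quoted
// or unquoted. Only whitespace-preceded "src" is matched so that attributes
// such as data-src are ignored.
const IFRAME_SRC_RE = /<iframe\b[^>]*?\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;

// Percent-decode repeatedly (bounded, so double-encoding cannot loop forever)
// and treat backslashes as path separators, as Windows and IE do.
function normalizePath(raw) {
  let s = raw;
  for (let i = 0; i < 3; i++) {
    let decoded;
    try { decoded = decodeURIComponent(s); } catch (e) { break; }
    if (decoded === s) break;
    s = decoded;
  }
  return s.replace(/\\/g, '/');
}

// True when the URL uses the ftp: scheme and any path segment is exactly '..'.
function isTraversingFtpUrl(url) {
  const trimmed = url.trim();
  if (!/^ftp:/i.test(trimmed)) return false;
  const afterScheme = trimmed.replace(/^ftp:\/*/i, '');
  return normalizePath(afterScheme).split('/').some(seg => seg === '..');
}

// Scan an HTML document and return every offending SRC value, in page order.
function findTraversingFtpFrames(html) {
  const hits = [];
  IFRAME_SRC_RE.lastIndex = 0;
  let m;
  while ((m = IFRAME_SRC_RE.exec(html)) !== null) {
    const src = m[1] ?? m[2] ?? m[3] ?? '';
    if (isTraversingFtpUrl(src)) hits.push(src);
  }
  return hits;
}

// Constructed sample page: one benign FTP frame, two traversal frames
// (plain and percent-encoded) and one http:// frame that must not be flagged.
const SAMPLE_HTML = [
  '<html><body>',
  '<iframe src="ftp://files.example.invalid/pub/readme.txt"></iframe>',
  '<iframe src="ftp://files.example.invalid/../../"></iframe>',
  "<iframe id=f src='ftp://files.example.invalid/..%2F..%2F'></iframe>",
  '<iframe src="http://www.example.invalid/../../"></iframe>',
  '</body></html>',
].join('\n');

console.log(findTraversingFtpFrames(SAMPLE_HTML));
```

The check is deliberately scheme-specific: '../' in an 'http://' SRC is harmless to the local file system, so flagging every traversal sequence would only generate noise. Decoding is bounded and backslashes are folded to '/' before splitting, because IE treats both as path separators and an attacker has no reason to use the canonical form.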
Affected Products:
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
- Microsoft Windows Server 2003 Datacenter Edition
- Microsoft Windows Server 2003 Datacenter Edition Itanium
- Microsoft Windows Server 2003 Enterprise Edition
- Microsoft Windows Server 2003 Enterprise Edition Itanium
- Microsoft Windows Server 2003 Standard Edition
- Microsoft Windows Server 2003 Web Edition
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.