Title: Microsoft Internet Explorer Arbitrary HTML File Execution Vulnerability
Severity: HIGH
Description:
Internet Explorer by design includes an HTML parser. Upon accessing a file, this feature enables the browser to detect HTML content within the file. Once IE detects HTML content within a file, regardless of the actual file type, it will be handled as an HTML file.
This HTML parser feature can pose a security threat if malicious script is included in an HTML file that is saved as another file type. For example, if a file has a .gif, .txt, or .jpg (etc.) file extension and contains HTML tags along with arbitrary script, IE will detect the content type and open the file as HTML rather than according to its extension, possibly allowing the execution of the arbitrary script.
It should be noted that if the file is downloaded and saved to the local system directory, Windows will attempt to open the file using the appropriate file viewer. The contents of the file will not execute.
Depending on the security level of the user running the vulnerable application, successful exploitation of this vulnerability could lead to execution of arbitrary script on a victim host.
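
Added example (not part of the original advisory and not vendor code): a server-side check that flags files whose extension is not HTML but whose bytes contain HTML tags, which is the mismatch described above. The marker list, the extension set and the sample files are assumptions constructed for illustration; this is not Internet Explorer's own detection logic.

```python
import os
import re

# Extensions the advisory names as examples (.gif, .txt, .jpg);
# .jpeg and .png are added here as an assumption.
NON_HTML_EXTENSIONS = {".gif", ".txt", ".jpg", ".jpeg", ".png"}

# Assumed marker list: tags that open an HTML document or carry script.
# This is not Internet Explorer's own detection list.
HTML_MARKERS = re.compile(
    rb"<\s*(?:!doctype\s+html|html|head|body|script|iframe|object|embed)",
    re.IGNORECASE,
)

def find_html_marker(data: bytes):
    """Return the first HTML-looking tag found in data, or None."""
    match = HTML_MARKERS.search(data)
    return match.group(0).decode("ascii", "replace") if match else None

def check_file(filename: str, data: bytes):
    """Reject content whose extension is not HTML but which contains HTML tags."""
    ext = os.path.splitext(filename)[1].lower()
    marker = find_html_marker(data)
    mismatch = ext in NON_HTML_EXTENSIONS and marker is not None
    return {
        "file": filename,
        "verdict": "reject" if mismatch else "accept",
        "marker": marker,
    }

# Constructed sample inputs (not taken from the advisory).
SAMPLES = {
    "logo.gif": b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff;",
    "photo.jpg": b"<HTML><BODY><SCRIPT>/* placeholder */</SCRIPT></BODY></HTML>",
    "notes.txt": b"Meeting moved to 3 < 4 pm, bring a > b comparison.",
    "banner.gif": b"GIF89a\x01\x00<script>/* placeholder */</script>",
    "index.html": b"<html><body>ok</body></html>",
}

if __name__ == "__main__":
    for name, content in SAMPLES.items():
        print(check_file(name, content))
```

A valid image header does not clear a file: banner.gif starts with GIF89a and is still rejected because HTML tags follow the header.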
Affected Products:
- Microsoft Internet Explorer 5.0
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Windows 98SE
- Microsoft Windows ME