• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Microsoft Internet Explorer Spoofable File Extensions Vulnerability

Severity: HIGH

Description:

Microsoft Internet Explorer is prone to an issue which when successfully exploited, may cause an unsuspecting web user to execute files of an entirely different nature than they appear to be. Patched versions of the browser are also affected by this vulnerability.

It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a .txt (or other seemingly harmless file type) file in the Download dialog.

When including a certain string of characters between the filename and the actual file extension, IE will display the specified misleading file extension type. The source of this issue is that Internet Explorer trusts the filename in the URL, as opposed to relying upon the Header Content-Type for information about what type of file it is.

The end result is that a malicious webmaster is able to entice a user to open or save arbitrary files to their local system.

Affected Products:

• Microsoft Internet Explorer 5.5
• Microsoft Internet Explorer 5.5 SP1
• Microsoft Internet Explorer 5.5 SP2
• Microsoft Internet Explorer 6.0
• Microsoft Windows ME
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows XP Home
• Microsoft Windows XP Professional

References:

• Microsoft: Microsoft Security Bulletin MS01-058 Cumulative Patch for IE
• Microsoft: Microsoft Security Bulletin MS02-005

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.