Microsoft Internet Explorer local file detection vulnerability

xiaoxiao2021-03-06  51

Release Date: 2004-12-07

Update Date: 2004-12-08

Affected systems:

Microsoft Internet Explorer 6.0sp1

- Microsoft Windows XP Professional SP1

- Microsoft Windows XP Professional

- Microsoft Windows XP Home SP1

- Microsoft Windows XP Home

- Microsoft Windows NT 4.0 SP6A

- Microsoft Windows ME

- Microsoft Windows 98 SE

- Microsoft Windows 98

- Microsoft Windows 2003 Web Edition

- Microsoft Windows 2003 Standard Edition

- Microsoft Windows 2003 Enterprise Edition 64-bit

- Microsoft Windows 2003 Enterprise Edition

- Microsoft Windows 2003 Datacenter Edition 64-bit

- Microsoft Windows 2003 Datacenter Edition

- Microsoft Windows 2000

Description:

Microsoft Internet Explorer is a popular web browser.

Microsoft Internet Explorer mishandles the "sysimage://" protocol, and remote attackers can use this vulnerability to determine which software is installed on the target system.

"sysimage://" is used to display the appropriate icon for a given file path. By default, if the supplied file path exists, the related icon is displayed; if the supplied file path does not exist, the folder icon is loaded. This difference in behavior can be used to determine which software is installed on the target system.

<* Source: Viper (Viper31337@yahoo.co.in)

Link: http://marc.theaimsgroup.com/?l=bugtraq&m=110246475306940&w=2

*>

Testing method:

Warning: the following procedure (method) may be offensive in nature and is provided only for security research and teaching. Use at your own risk!

Viper (Viper31337@yahoo.co.in) provides the following test method:

onload="document.write('cannot find file!');"

onerror="document.write('file exists!');"

You can also get the test page from the following address:

http://crapware.lx.ro/junkcode/security/ie-sp1-sysimage-local-file-existence.htm
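For content filtering or page review, the pattern described above (a "sysimage:" URL on an element that also carries both onload and onerror handlers) can be flagged statically. The scanner below is an added example, not code from the original advisory or from Viper; the sample markup, the img element and the PLACEHOLDER_PATH value are constructed assumptions.

```python
from html.parser import HTMLParser

SCHEME = "sysimage:"
# Handlers that let a script observe whether the icon load succeeded or failed.
PROBE_HANDLERS = {"onload", "onerror"}


class SysimageScanner(HTMLParser):
    """Collects every element that references a sysimage: URL."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag/attribute names and decodes character
        # references in attribute values, so entity-encoded schemes are seen.
        names = {name for name, _ in attrs}
        for name, value in attrs:
            if value is None:
                continue
            # URL schemes are case-insensitive; leading whitespace is ignored.
            if value.strip().lower().startswith(SCHEME):
                self.findings.append({
                    "line": self.getpos()[0],
                    "tag": tag,
                    "attr": name,
                    "probe": PROBE_HANDLERS <= names,
                })


def scan(html):
    """Return a list of findings for one HTML document."""
    scanner = SysimageScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page; PLACEHOLDER_PATH stands in for a local file path.
SAMPLE = """<html><body>
<p>ordinary page content</p>
<img src="logo.png" onload="init()">
<img src="SysImage://PLACEHOLDER_PATH" onload="a()" onerror="b()">
<img src="sysimage://PLACEHOLDER_PATH">
</body></html>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A finding with "probe" set to True means the page can tell the two outcomes apart from script; a finding without both handlers still references the protocol and is worth reviewing.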
