[原文]Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability.
Microsoft Internet Explorer 5.01和6.0版本存在漏洞。攻击者可以借助畸形Content-Disposition和Content-Type头字段执行任意代码,该漏洞将会导致欺骗文件类型的应用程序将文件返回操作系统进行处理,而不是提交错误信息,也称为第二变量的“Content Disposition”漏洞
Microsoft Internet Explorer 5.01和6.0版本存在漏洞。攻击者可以借助畸形Content-Disposition和Content-Type头字段执行任意代码,该漏洞将会导致欺骗文件类型的应用程序将文件返回操作系统进行处理,而不是提交错误信息,也称为第二变量的“Content Disposition”漏洞
Microsoft IE Content-disposition Header Auto Download/Execute
-
漏洞描述
Microsoft Internet Explorer contains a flaw that allows a remote attacker to force a vulnerable IE browser to download and execute arbitrary files. The flaw is due to the way IE handles a specific Content-Type and Content-disposition header, specifically "audio/x-ms-wma". When the browser handles this content type, it will automatically download a file specified by the attacker and execute it on the local machine.
-
时间线
2002-03-18
Unknow
2002-03-18
Unknow
-
解决方案
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.