Microsoft Internet Explorer Information Disclosure Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 4 Feb 2010 4357 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to access files with an already known filename and location.

The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites.

Impact

  • Information Disclosure

System / Technologies affected

  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Internet Explorer 5.01
  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8

Solutions

There is no patch available for this vulnerability currently.

    Workaround :
  • Enable Protected Mode in Internet Explorer on Windows Vista and later limits the impact of the vulnerability
  • Set the security level for the Internet and Local Intranet zone in Internet Explorer to "High"

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple iPhone and iPod Touch Multiple Vulnerabilities

4 Feb 2010 4388 Views

Next

Microsoft Windows Client/Server Run-time Subsystem (CSRSS) Local Privilege Elevation Vulnerability

10 Feb 2010 4268 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY