Microsoft IE Javascript Load Local File Path Disclosure

2005-01-14T04:58:53
ID OSVDB:13040
Type osvdb
Reporter Berend-Jan Wever(skylined@edup.tudelft.nl)
Modified 2005-01-14T04:58:53

Description

Vulnerability Description

Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when IE is given the path to a javascript file known to be installed by default, which will disclose installation path information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when IE is given the path to a javascript file known to be installed by default, which will disclose installation path information resulting in a loss of confidentiality.

References:

Secunia Advisory ID:13872 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0476.html Generic Exploit URL: http://www.edup.tudelft.nl/~bjwever/advisory_ie_flaws.html.php