Microsoft IE Cached Content .chm Arbitrary Program Execution

2000-11-20T00:00:00
ID OSVDB:7823
Type osvdb
Reporter Oliver Friedrichs (of@securityfocus.com), Georgi Guninski (guninski@guninski.com)
Modified 2000-11-20T00:00:00

Description

Vulnerability Description

Microsoft Internet Explorer contains a flaw that may allow a remote attacker to execute arbitrary commands. Internet Explorer allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.

Solution Description

Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. In addition, Microsoft has released a patch for the affected versions.

References:

OVAL ID: 920
Microsoft Security Bulletin: MS01-015
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-11/0264.html
ISS X-Force ID: 5567
Generic Exploit URL: http://www.guninski.com/chmtempmain.html
Generic Exploit URL: http://www.malware.com/help!.zip
CVE-2001-0002
CIAC Advisory: l-061
Bugtraq ID: 2456