New Ie Vulnerability

**sharedholder** · 04-09-2004, 12:32 PM

:helpsmile:

Vulnerability in Internet Explorer ITS Protocol Handler

There is a cross-domain scripting vulnerability in the way ITS protocol handlers determine the security domain of an HTML component stored in a Compiled HTML Help (CHM) file. The HTML Help system "...uses the underlying components of Microsoft Internet Explorer to display help content. It supports HTML, ActiveX, Java, [and] scripting languages (JScript, and Microsoft Visual Basic Scripting Edition)." CHM files use the InfoTech Storage (ITS) format to store components such as HTML files, graphic files, and ActiveX objects. IE provides several protocol handlers that can access ITS files and individual CHM components: its:, ms-its:, ms-itss:, and mkMSITStore:. IE also has the ability to access parts of MIME Encapsulation of Aggregate HTML Documents (MHTML) using the mhtml: protocol handler.

When IE references an inaccessible or non-existent MHTML file using the ITS and mhtml: protocols, the ITS protocol handlers can access a CHM file from an alternate source. IE incorrectly treats the CHM file as if it were in the same domain as the unavailable MHTML file. Using a specially crafted URL, an attacker can cause arbitrary script in a CHM file to be executed in a different domain, violating the cross-domain security model.

News source

muchspl2 · 04-09-2004, 01:24 PM

no patch yet and it doesn't matter if you use modzilla or firefox
doesn't matter what browser you use

**LSA** · 04-09-2004, 01:47 PM

That's cute.

**shn** · 04-09-2004, 01:54 PM

I knew there was a reason why my *nix box would'nt open the KL FAQ.

I'm such a n00b.

**LSA** · 04-09-2004, 02:10 PM

Originally posted by shn@9 April 2004 - 07:54
I knew there was a reason why my *nix box would'nt open the KL FAQ.

I'm such a n00b.

What a n00b!

j/k!

**fred devliegher** · 04-09-2004, 03:38 PM

no patch yet and it doesn't matter if you use modzilla or firefox

Wait - I can ignore it when I use Firefox, or I'm skewered whatever I use ?

**shn** · 04-09-2004, 03:51 PM

Originally posted by fred devliegher@9 April 2004 - 09:38

no patch yet and it doesn't matter if you use modzilla or firefox

Wait - I can ignore it when I use Firefox, or I'm skewered whatever I use ?

Your Screwed!

**supersonic** · 04-09-2004, 04:26 PM

I heard about this one some time ago in the lounge( or talk clube or whatever).
All firewalls, security softwre, and antiviruses can't help ya now, so it all depends ont he dumb ass sitting on the computer

**shn** · 04-11-2004, 07:29 PM

Your google toolbars have been owned too. Not too many people think about updating it.......especially when they use ie.

copy and paste this in google.

CAN-2002-1442

check your version.

**Xero Grid** · 04-12-2004, 01:27 AM

It's a neverending battle.

What does the google toolbar do again?

-- Xero Grid --

Thread: New Ie Vulnerability

Thread Tools

Bookmarks

Bookmarks

Posting Permissions