Exploit exposes Internet Explorer's file cache

Georgi Guninski has uncovered yet another security hole in Internet Explorer Versions 5 and above. This latest vulnerability takes advantage of the HTML object and object type elements, allowing the malicious author of a Web page or HTML e-mail to embed a few lines of JavaScript that would reveal the name of IE's temporary Internet file folders.

Georgi Guninski has uncovered yet another security hole in Internet Explorer Versions 5 and above. This latest vulnerability takes advantage of the HTML object and object type elements, allowing the malicious author of a Web page or HTML e-mail to embed a few lines of JavaScript that would reveal the name of IE's temporary Internet file folders. With help from KeyLabs, BugNet was able to reproduce this vulnerability as well as identify a couple of workarounds. Full story (on ZDNet's Help & How-To channel). -- Eugene Woodbury, BugNet

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All