X
Business

Exploit exposes Internet Explorer's file cache

Georgi Guninski has uncovered yet another security hole in Internet Explorer Versions 5 and above. This latest vulnerability takes advantage of the HTML object and object type elements, allowing the malicious author of a Web page or HTML e-mail to embed a few lines of JavaScript that would reveal the name of IE's temporary Internet file folders.
Written by ZDNET Editors, Contributor

Georgi Guninski has uncovered yet another security hole in Internet Explorer Versions 5 and above. This latest vulnerability takes advantage of the HTML object and object type elements, allowing the malicious author of a Web page or HTML e-mail to embed a few lines of JavaScript that would reveal the name of IE's temporary Internet file folders. With help from KeyLabs, BugNet was able to reproduce this vulnerability as well as identify a couple of workarounds. Full story (on ZDNet's Help & How-To channel). -- Eugene Woodbury, BugNet

Editorial standards