Bugtraq: Re: .MHT Buffer Overflow in Internet Explorer

Bugtraq mailing list archives

Re: .MHT Buffer Overflow in Internet Explorer

From: "Thor Larholm" <thor () pivx com>
Date: Sun, 26 Jan 2003 00:23:16 +0100

From: "jelmer" <jelmer () kuperus xs4all nl>
I believe from ie6 SP1 on IE doesn't open any mht files directly from the
web anymore.
from the local filesystem it still works though.


That's the funny thing, IE6 SP1 still allows opening MHT files directly from
the web in the Internet Zone, so this is remotely exploitable on websites.

Since MHT files are opened automatically, just like certain other media
files, you can also open an MHT file automatically through an email message
in the Restricted Zone.


Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

By Date By Thread

Current thread:

.MHT Buffer Overflow in Internet Explorer Tom Tanaka (Mar 11)
- Re: .MHT Buffer Overflow in Internet Explorer jelmer (Mar 11)
  - Re: .MHT Buffer Overflow in Internet Explorer Thor Larholm (Mar 12)
- Re: .MHT Buffer Overflow in Internet Explorer Jouko Pynnonen (Mar 11)
- <Possible follow-ups>
- Re: .MHT Buffer Overflow in Internet Explorer http-equiv () excite com (Mar 11)