<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: Problem in IE's File Type Recognition

Re: Problem in IE's File Type Recognition

From: mikeiscool <michaelslists_at_gmail.com>
Date: Wed, 26 Jul 2006 09:16:43 +1000

On 25 Jul 2006 09:54:31 -0000, knight4vn_at_yahoo.com <knight4vn_at_yahoo.com> wrote:
> I found out one way to make Internet Explorer ver 6.0 recognize incorrectly type of any particular files.
>
> E.g one file named "abcd.exe" is Application type but we can force the IE browser to understand that
>
> file is "Image/JPG" or "Image/Gif" and so on ..
>
> Currently, I'm still working to find the solution allowed us to exploit IE based on this bug.
>
> Does any one have any suggestions?

this isn't a bug it's by design.

it can be useful, though, to force ie to download your executable
binary data to the local machine though. but it won't be executed,
unless it's combined with other ie bugs.

-- mic
Received on Jul 26 2006

This message: [ Message body ]
Next message: Arian J. Evans: "RE: Problem in IE's File Type Recognition"
Previous message: Peter Gutmann: "Re: Problem in IE's File Type Recognition"
In reply to: knight4vn_at_yahoo.com: "Problem in IE's File Type Recognition"
Next in thread: Arian J. Evans: "RE: Problem in IE's File Type Recognition"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos