Incorrect MIME Header Can Cause IE to Execute E-mail Attachment New

A security vulnerability exists in Internet Explorer which could allow a remote attacker to run code of attacker’s choice by exploiting a flaw in the MIME type handling function.

Issue

Because HTML e-mails are simply web pages, IE can render them and open binary attachments in a way that is appropriate to their MIME types. However, a flaw exists in the type of processing that is specified for certain unusual MIME types. If an attacker created an HTML e-mail containing an executable attachment, then modified the MIME header information to specify that the attachment was one of the unusual MIME types that IE handles incorrectly, IE would launch the attachment automatically when it rendered the e-mail.

An attacker could use this vulnerability in either of two scenarios. She could host an affected HTML e-mail on a web site and try to persuade another user to visit it, at which point script on a web page could open the mail and initiate the executable. Alternatively, she could send the HTML mail directly to the user. In either case, the executable attachment, if it ran, would be limited only by user’s permissions on the system.

Affected Products

• Microsoft Internet Explorer

Download

Patch: http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: March 29, 2001

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<