Microsoft Internet Explorer is reported prone to multiple vulnerabilities. These issues may allow remote attackers to execute arbitrary script code, disclose sensitive information and execute files from the local system. These issues are alleged to have been addressed by MS05-014. The following specific issues were identified: The first issue may allow remote attackers to place arbitrary files on a vulnerable computer. It is possible that this issue is related to BID 10973 (Microsoft Internet Explorer Implicit Drag and Drop File Installation Vulnerability) and BID 11466 (Microsoft Internet Explorer Valid File Drag and Drop Embedded Code Vulnerability). It is not known if this variant is distinct from other known issues The browser is reported prone to another cross-zone scripting vulnerability. It is reported that an attacker can link to local resources by crafting a malicious Web site and enticing a user to visit the site. This issue is triggered when the user clicks on the...
Microsoft Internet Explorer is reported prone to multiple vulnerabilities. These issues may allow remote attackers to execute arbitrary script code, disclose sensitive information and execute files from the local system. These issues are alleged to have been addressed by MS05-014. The following specific issues were identified: The first issue may allow remote attackers to place arbitrary files on a vulnerable computer. It is possible that this issue is related to BID 10973 (Microsoft Internet Explorer Implicit Drag and Drop File Installation Vulnerability) and BID 11466 (Microsoft Internet Explorer Valid File Drag and Drop Embedded Code Vulnerability). It is not known if this variant is distinct from other known issues The browser is reported prone to another cross-zone scripting vulnerability. It is reported that an attacker can link to local resources by crafting a malicious Web site and enticing a user to visit the site. This issue is triggered when the user clicks on the attacker's site. Another issue affecting the application allows malicious Web sites to reference sites from the 'Temporary Internet Files' folder. The application is prone to a vulnerability that may allow attackers to execute files from the Local zone. These issues may be combined to ultimately execute arbitrary code in the Local zone. This can lead to unauthorized access to the vulnerable computer. Internet Explorer 5.01 and 5.5 have been reported vulnerable as well. This BID will be divided into individual BIDs and updated when further analysis is complete.
