VULHUB ™

By default Microsoft Internet Explorer executes scripts from websites in the Internet Zone. Due to a flaw in the way that Internet Explorer deals with cookies, it will execute any scripts embedded within a cookie in the Local Computer zone with the same privilege level as the currently logged in user. It has been reported that this issue is based on the ability to force Internet Explorer to open arbitrary known files as HTML content. As a result, any local file which contains valid HTML or JavaScript may be rendered as such by the browser. Additional attack vectors beyond cookie files may exist. Normally only files with the registered extensions .html or .htm will be interpreted as HTML content.

By default Microsoft Internet Explorer executes scripts from websites in the Internet Zone. Due to a flaw in the way that Internet Explorer deals with cookies, it will execute any scripts embedded within a cookie in the Local Computer zone with the same privilege level as the currently logged in user. It has been reported that this issue is based on the ability to force Internet Explorer to open arbitrary known files as HTML content. As a result, any local file which contains valid HTML or JavaScript may be rendered as such by the browser. Additional attack vectors beyond cookie files may exist. Normally only files with the registered extensions .html or .htm will be interpreted as HTML content.