VULHUB ™

Due to a flaw in the way Internet Explorer handles uncommon MIME headers, an attacker could execute arbitrary programs on a users machine. This vulnerability can be exploited by an attacker through a malicious web-page. If such a page is created, the vulnerability can be exploited if the page is visited by a victim using a vulnerable version of MSIE. It is also possible to exploit this vulnerability through e-mail clients which use the MSIE rendering component to handle HTML e-mail. In such a case, an e-mail attachment can be executed without warning the user. The result may be the execution of arbitrary binary programs, such as viruses, worms or trojans, supplied by the attacker on the victim host. Exploits for this issue have been incorporated into a number of worms.

Due to a flaw in the way Internet Explorer handles uncommon MIME headers, an attacker could execute arbitrary programs on a users machine. This vulnerability can be exploited by an attacker through a malicious web-page. If such a page is created, the vulnerability can be exploited if the page is visited by a victim using a vulnerable version of MSIE. It is also possible to exploit this vulnerability through e-mail clients which use the MSIE rendering component to handle HTML e-mail. In such a case, an e-mail attachment can be executed without warning the user. The result may be the execution of arbitrary binary programs, such as viruses, worms or trojans, supplied by the attacker on the victim host. Exploits for this issue have been incorporated into a number of worms.