Now, that didn’t take long, did it…?

Internet Explorer 7 “mhtml:” Redirection Information Disclosure

Secunia Advisory: SA22477
Release Date: 2006-10-19

Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched

Software: Microsoft Internet Explorer 7.x

This advisory is currently marked as unpatched!
– Companies can be alerted when a patch is released!

A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *