TITLE:
Microsoft Internet Explorer Local File Disclosure Vulnerabilities

SECUNIA ADVISORY ID:
SA38416

VERIFY ADVISORY:
http://secunia.com/advisories/38416/

DESCRIPTION:
Two vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information.

1) An error in URLMON when handling redirections can be exploited to bypass domain restrictions and disclose the content of arbitrary local files.

This is related to vulnerability #1 in:
SA35362

2) An error when handling the "data" parameter of a dynamically created object can be exploited to disclose the content of arbitrary local files.

Successful exploitation of the vulnerabilities requires that the full path to a target file is known prior to the attack.

The vulnerabilities are reported in Internet Explorer 5.01, 6, 7, and 8.

SOLUTION:
Enable Network Protocol Lockdown for Windows XP, and Protected Mode on Windows Vista and later. Please see the vendor's advisory for more information.

Do not browse untrusted websites or follow untrusted links.

PROVIDED AND/OR DISCOVERED BY:
Jorge Luis Álvarez Medina and Federico Muttis, Core Security Technologies

ORIGINAL ADVISORY:
Microsoft:
http://www.microsoft.com/technet/security/advisory/980088.mspx

Core Security Technologies:
http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag

OTHER REFERENCES:
SA35362:
http://secunia.com/advisories/35362/