[Vulnerability] Internet Explorer File Download Extension Spoofing

28/01/2004 - 13:50 by Ille Corvus
Source: http://www.secunia.com/advisories/10736/

I will try to translate it in a while; there is a demonstration
link.
For the moment there is no solution; it is recommended not to open
the file directly from the link.


Microsoft Internet Explorer File Download Extension Spoofing

Secunia Advisory: SA10736
Release Date: 2004-01-28

Critical: Moderately critical
Impact: Security Bypass
Where: From remote

Software: Microsoft Internet Explorer 6

Description:
http-equiv has identified a vulnerability in Internet Explorer,
allowing malicious web sites to spoof the file extension of
downloadable files.

The problem is that Internet Explorer can be tricked into opening a
file, with a different application than indicated by the file
extension. This can be done by embedding a CLSID in the file name.
This could be exploited to trick users into opening "trusted" file
types which are in fact malicious files.

Secunia has created an online test:
http://secunia.com/Internet_Explore...fing_Test/

This has been reported to affect Microsoft Internet Explorer 6.

NOTE: Prior versions may also be affected.

Solution:
Do not use "Open" file, always save files to a folder as this reveals
the suspicious filename.

Provided and/or discovered by:
http-equiv



Ille Corvus. Hic et Nunc.

Filtered (KillFile):
JM Tella Llop (25/10/2003)
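
The advisory's workaround depends on the full file name exposing the embedded CLSID. The same signal can be checked before a download reaches the user; the following is an added example, not part of the original post or of the Secunia advisory. The function names, the sample URLs and GUIDs (constructed placeholders), and the choice to inspect both the URL path and the Content-Disposition header after percent-decoding are assumptions.

```python
import re
from email.message import Message
from posixpath import basename, splitext
from urllib.parse import unquote, urlsplit

# Registry-form GUID, the shape a CLSID takes: {8-4-4-4-12 hex digits}.
CLSID_RE = re.compile(
    r"\{[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\}", re.I)

def offered_names(url, content_disposition=None):
    """Collect every file name a download response offers to the client."""
    # Assumption: a name can come from the URL path or from the header,
    # and is percent-decoded before matching so encoded braces are seen.
    names = [unquote(basename(urlsplit(url).path))]
    if content_disposition:
        msg = Message()
        msg["Content-Disposition"] = content_disposition
        if msg.get_filename():
            names.append(unquote(msg.get_filename()))
    return [n for n in names if n]

def inspect_download(url, content_disposition=None):
    """Return one finding per offered name that embeds a CLSID."""
    findings = []
    for name in offered_names(url, content_disposition):
        match = CLSID_RE.search(name)
        if match:
            findings.append({
                "name": name,
                "clsid": match.group(0).upper(),
                # Extension the user reads in the download prompt.
                "shown_extension": splitext(name)[1].lower(),
            })
    return findings

# Constructed sample responses (URL, Content-Disposition); not real traffic.
SAMPLES = [
    ("http://files.example/docs/report.pdf", None),
    ("http://files.example/get?id=7", 'attachment; filename='
     '"holiday.{00000000-0000-0000-0000-000000000000}photo.jpg"'),
    ("http://files.example/a/readme%2E%7B11111111-2222-3333-4444-"
     "555555555555%7Dnotes%2Etxt", None),
]

if __name__ == "__main__":
    for url, cd in SAMPLES:
        for finding in inspect_download(url, cd):
            print("SUSPICIOUS", url, finding)
```

A finding pairs the extension the user would read with the CLSID hidden in the name, which is the mismatch the advisory describes.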


#11 JM Tella Llop [MVP Windows] ·
28/01/2004 - 15:39
Shh... that happens to you for being bad...

(because you were a beta tester... and now you've become lazy)

Jose Manuel Tella Llop
MVP - Windows

http://www.multingles.net/jmt.htm
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.


"Mr Big Dragon" wrote in message news:%
>IE 6.0 SP2

uhhhh, and what about us?
Is there no Benedictine soul to help us?


Regards
Mr Big Dragon


"Marc S. [MVP Windows]" wrote in message
news:uwS2U%
If you want more trouble:
http://www.safecenter.net/UMBRELLAW...index.html

Most of the ones I was able to test yesterday with IE 6.0 SP2 are fixed.


Regards

Marc
MCP - MVP Windows Shell/User
NOTE. Please post questions and comments in the groups, so that we all
benefit.

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.


"Mecanicista" wrote in the newsgroup
message:O1%
Hi. Thanks.
... And now you've done it.
;-)


Look no further: matter IS the miracle.

#12 corel
28/01/2004 - 15:49
Thanks Ille...

#14 Mr Big Dragon
28/01/2004 - 15:52
;-))))


Regards
Mr Big Dragon

