header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
SecurityFocus
7.5
CVSS
HIGH
Zone Bypass
264
CWE
Product Name: Internet Explorer
Affected Version From: Internet Explorer 5.0
Affected Version To: Internet Explorer 6.0
Patch Exists: Yes
Related CWE: N/A
CPE: a:microsoft:internet_explorer
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Internet Explorer Zone Bypass Vulnerability

Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone.

Mitigation:

Disable ActiveX controls and scripting in the Internet Zone, and set the security level to High.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7539/info

Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22575.rar (dmz.rar Password: zones)

Navigation

Suggest Exploit

Services By CQR