Microsoft Internet Explorer Image Download Filename Extension Spoofing Vulnerability

Microsoft Internet Explorer Image Download Filename Extension Spoofing Vulnerability

Microsoft Internet Explorer is reported susceptible to a filename extension spoofing vulnerability when utilizing the 'Save Image As' feature.

Reportedly, this vulnerability is only possible when Internet Explorer is configured with 'Hide extension for known file types' enabled. This is the default configuration.

This vulnerability may facilitate the spoofing of filename extensions, resulting in malicious content being inadvertently downloaded to vulnerable Web users.

This issue may be related to BID 3597.