Microsoft Internet Explorer Self Executing HTML File Vulnerability

Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse the file. When the script that points back to the embedded executable is parsed, the embedded executable will run on the client system in the security context of Internet Explorer.

There have been reports that some users may not be able to reproduce this vulnerability. When more information becomes available, this record will be updated.


 

Privacy Statement
Copyright 2010, SecurityFocus