Microsoft Internet Explorer JavaScript Key Filtering Variant Vulnerability

Microsoft Internet Explorer JavaScript Key Filtering Variant Vulnerability

Microsoft Internet Explorer is prone to a JavaScript key-filtering vulnerability because the browser fails to securely handle keystroke input from users.

Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.

This issue is similar to the one described in BID 22524 (Mozilla Firefox JavaScript Key Filtering Variant Vulnerability), and is a variant of the one described in BID 18308 (Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability).