Microsoft Temporary Internet File Execution Vulnerability

Microsoft Temporary Internet File Execution Vulnerability

Temporary Internet Files (TIFs) are formatted files used to store content cached from Internet communications. TIFs are created by a number of Microsoft applications, such as Outlook, Outlook Express, and Internet Explorer.

Under some circumstances, it may be possible to execute files within a TIF. When an application such as Internet Explorer 6.0 or Outlook 2002 receives files from outside, the files are transferred to a TIF using a .TMP extension. Through the use of MIME base64, it is possible to place a set of files on a system that, when decoded and stored in a directory, may be sequentially and arbitrarily executed.