Microsoft Temporary Internet File Execution Vulnerability

Temporary Internet Files (TIFs) are formatted files used to store content cached from Internet communications. TIFs are created by a number of Microsoft applications, such as Outlook, Outlook Express, and Internet Explorer.

Under some circumstances, it may be possible to execute files within a TIF. When an application such as Internet Explorer 6.0 or Outlook 2002 receives files from outside, the files are transferred to a TIF using a .TMP extension. Through the use of MIME base64, it is possible to place a set of files on a system that, when decoded and stored in a directory, may be sequentially and arbitrarily executed.


Privacy Statement
Copyright 2010, SecurityFocus