Signature Detail

HTTP: Internet Explorer XML Disclosure

This signature detects attempts to exploit a known vulnerability in Internet Explorer. Internet Explorer 5.01, 5.5, and 6.0 are vulnerable. Because IE does not properly validate the source parameter of XML SCRIPT data-island, attackers can use a malicious script to view arbitrary XML files on a local machine.

Extended Description

A flaw in Microsoft Internet Explorer may reveal the entire contents of XML files and partial contents of other files to attackers. This vulnerability allows an attacker to read the entire contents of XML files, and fragments of other files, existing in a known location, from a victim user's system. This vulnerability can be exploited via a malicious webpage or via malicious HTML e-mail. Other applications that use the Internet Explorer engine are affected as well (Outlook, MSN Explorer, etc.).

Affected Products

• Microsoft Internet Explorer 5.0.1
• Microsoft Internet Explorer 5.0.1 For Windows 2000
• Microsoft Internet Explorer 5.0.1 For Windows 95
• Microsoft Internet Explorer 5.0.1 For Windows 98
• Microsoft Internet Explorer 5.0.1 For Windows NT 4.0
• Microsoft Internet Explorer 5.0.1 SP1
• Microsoft Internet Explorer 5.0.1 SP2
• Microsoft Internet Explorer 5.5
• Microsoft Internet Explorer 5.5 SP1
• Microsoft Internet Explorer 5.5 SP2
• Microsoft Internet Explorer 6.0

References

• BugTraq: 13943
• BugTraq: 5560
• CVE: CVE-2002-0648