[LINK] Internet Explorer allows reading of local files by remote webpages
Tue, 27 Nov 2001 10:24:46 +1100
I have sent a message to the bug traq poster explaining that the problem is
five years old and has been fixed, and asking him to update his earlier
Andy Farkas wrote:
> I recall somebody wondering about how a webserver could run code or read
> files on a client machine. A new bug has been discovered that allows you
> to do just that. Scary. More info would be at www.securityfocus.com.
> ---------- Forwarded message ----------
> Date: Sun, 25 Nov 2001 11:52:04 +0100
> From: Markus Kern <firstname.lastname@example.org>
> To: email@example.com
> Subject: Internet Explorer allows reading of local files by
> remote webpages
> There is a vulnerability in MS Internet Explorer that allows
> any webpage or HTML email to read arbitrary local files.
> This bug may also lead to remote command execution.