![]() ![]() The file will appear to be of an attacker-specified type in the file download dialog presented to the user. This issue could be exploited to disguise executable content in the form of an HTML application (HTA) file as a file type that may appear innocuous to a victim user, such as a media file. The reported vulnerability involves specifying the CLSID for HTML applications in the name of a malicious file, followed by another file name and extension. Extended DescriptionĪ vulnerability has been reported in the Windows Shell that may allow files to be misrepresented to client users. A successful attack can lead to allow a malicious user to spoof the file extension of downloaded files. This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. HTTP: Microsoft IE File Download Extension Spoofing ![]() Microsoft IE File Download Extension Spoofing ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |