IE7 vulnerability discovered already

Pants spied around Volish ankles

By INQUIRER newsdesk

Thu Oct 19 2006, 11:00

INSECURITY FIRM Secunia, has already found an insecurity in newly unleashed IE7

The vulnerability can be exploited to disclose potentially sensitive information the firm says, though it gives it just two out of five on its criticality meter.

An exasperated Thomas Kristensen, CTO of Secunnia says, "It is the half-year old information disclosure vulnerability which allows malicious sites to sneak on the content of other sites which hasn't been patched in the brand new IE7 release."

The vulnerability is caused due to an error in the handling of redirections for URLs with the "mhtml:" URI handler. This can be exploited to access documents served from another web site, the firm notes, here.,

The firm posted an online demonstration, of the vulnerability here. µ

Adobe rushes out two patches No exploits yet Wednesday, 17 February 2010, 09:51 AM Read more	Microsoft has another IE flaw Aiyeee Thursday, 4 February 2010, 13:10 PM Read more
Microsoft fixes IE6 flaw off schedule Too late for those who switched Thursday, 21 January 2010, 12:56 PM Read more	Civil liberties group gives warnings for 2010 EFF is on the digital front lines Tuesday, 19 January 2010, 15:30 PM Read more
Ruby on Rails flaw is found and fixed Goodbye Ruby bluesday Friday, 4 September 2009, 13:40 PM Read more	Microsoft warns of a security hole The Vole hasn't fixed it yet Tuesday, 7 July 2009, 09:36 AM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ Whitepapers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Senior Java developer / Te

Senior Java developer / Tea...

INQ Poll

Digital Economy Bill

Is the Digital Economy Bill a good thing?

Yes, it'll stamp out illegal downloading

Yes, I work for a law firm that specialises in copyright litigation

No, I'm concerned about how the copyright aspects will be enforced

No, it's a complete travesty of freedom

It doesnt affect me, I live in cloud cuckoo land

View other polls

© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All | A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

IE7 vulnerability discovered already

Share this:

Hitachi 3D mobile tips up

Samsung shows off Navibot vacuum cleaner robot