The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

User Controls

New User

Login

Edit/View My Profile

ActiveMac

Articles

Forums

Links

News

News Search

Reviews

News Centers

Windows/Microsoft

DVD

ActiveHardware

Xbox

MaINTosh

News Search

ANet Chats

The Lobby

Special Events Room

Developer's Lounge

XBox Chat

FAQ's

Windows 98/98 SE

Windows 2000

Windows Me

Windows "Whistler" XP

Windows CE

Internet Explorer 6

Internet Explorer 5

Xbox

DirectX

DVD's

TopTechTips

Registry Tips

Windows 95/98

Windows 2000

Internet Explorer 4

Internet Explorer 5

Windows NT Tips

Program Tips

Easter Eggs

Hardware

DVD

Latest Reviews

Applications

Microsoft Windows XP Professional

Norton SystemWorks 2002

Hardware

Intel Personal Audio Player 3000

Microsoft Wireless IntelliMouse Explorer

Site News/Info

About This Site

Affiliates

ANet Forums

Contact Us

Default Home Page

Link To Us

Links

Member Pages

Site Search

Awards

Credits
©1997/2004, Active Network. All Rights Reserved.
Layout & Design by Designer Dream. Content written by the Active Network team. Please click here for full terms of use and restrictions or read our Privacy Statement.

  *  

  Microsoft Security Bulletin MS01-058: December 2001 Cumulative Patch for IE
Time: 01:26 EST/06:26 GMT | News Source: ActiveWin.com | Posted By: Robert Stein

This is a cumulative patch that, when installed, eliminates all previously discussed security vulnerabilities affecting IE 5.5 and IE 6. In addition, it eliminates three newly discovered vulnerabilities.

  • The first vulnerability involves a flaw in the handling of the Content-Disposition and Content-Type header fields in an HTML stream. These fields, the hosting URL, and the hosted file data determine how a file is handled upon download in Internet Explorer. A security vulnerability exists because, if an attacker altered the HTML header information in a certain way, it could be possible to make IE believe that an executable file was actually a different type of file -- one that it is appropriate to simply open without asking the user for confirmation. This could enable the attacker to create a web page or HTML mail that, when opened, would automatically run an executable on the user's system. This vulnerability affects IE 6.0 only. It does not affect IE 5.5.
  • The second vulnerability is a newly discovered variant of the "Frame Domain Verification" vulnerability discussed in Microsoft Security Bulletin MS01-015. The vulnerability could enable a malicious web site operator to open two browser windows, one in the web site’s domain and the other on the user’s local file system, and to pass information from the latter to the former. This could enable the web site operator to read, but not change, any file on the user’s local computer that could be opened in a browser window. This vulnerabilty affects both IE 5.5 and 6.0.
  • The third vulnerability involves a flaw related to the display of file names in the File Download dialogue box. When a file download is initiated, a dialogue provides the name of the file. However, in some cases, it would be possible for an attacker to misrepresent the name of the file in the dialogue. This could be invoked from a web page or in an HTML email in an attempt to fool users into accepting unsafe file types from a trusted source. This vulnerabilty affects both IE 5.5 and 6.0.
Write Comment
Return to News

  Displaying 776 through 780 of 780
Prev | First 		  The time now is 7:43:49 PM ET.
Any comment problems? E-mail us
#776 By 4240821 (82.115.4.100) at 1/7/2026 1:42:45 PM
https://www.pillowfort.social/posts/6682913
https://www.pillowfort.social/posts/6682824
https://www.pillowfort.social/posts/6682777
https://www.pillowfort.social/posts/6682633
https://www.pillowfort.social/posts/6682415
https://www.pillowfort.social/posts/6682213
https://www.pillowfort.social/posts/6682099
https://www.pillowfort.social/posts/6681843
https://www.pillowfort.social/posts/6681748
https://www.pillowfort.social/posts/6681599

#777 By 4240821 (82.115.4.100) at 1/8/2026 1:35:04 AM
https://www.pillowfort.social/posts/6953903
https://www.pillowfort.social/posts/6953819
https://www.pillowfort.social/posts/6953751
https://www.pillowfort.social/posts/6953702
https://www.pillowfort.social/posts/6953559
https://www.pillowfort.social/posts/6953515
https://www.pillowfort.social/posts/6953459
https://www.pillowfort.social/posts/6953363
https://www.pillowfort.social/posts/6953338
https://www.pillowfort.social/posts/6953282

#778 By 4240821 (82.115.4.100) at 1/9/2026 10:27:39 AM
https://www.pillowfort.social/posts/6906618
https://www.pillowfort.social/posts/6906503
https://www.pillowfort.social/posts/6906435
https://www.pillowfort.social/posts/6906391
https://www.pillowfort.social/posts/6906344
https://www.pillowfort.social/posts/6906294
https://www.pillowfort.social/posts/6906237
https://www.pillowfort.social/posts/6906078
https://www.pillowfort.social/posts/6906005
https://www.pillowfort.social/posts/6905946

#779 By 4240821 (82.115.4.230) at 1/12/2026 4:51:09 AM
https://myvidplay.com/d/knpvxetebscu
https://myvidplay.com/d/13fq6ngmxggj
https://myvidplay.com/d/n9n5pszq39ih
https://myvidplay.com/d/9kof5ftnzmts
https://myvidplay.com/d/0n77che0zvy2
https://myvidplay.com/d/4wgbnpts5243
https://myvidplay.com/d/babaqy4r6qb2
https://myvidplay.com/d/upg2jom2k415
https://myvidplay.com/d/mcjax60mehff
https://myvidplay.com/d/wvih6fsq4dzs

#780 By 4240821 (82.115.4.230) at 1/12/2026 5:32:45 AM
https://myvidplay.com/d/pab1jbgwrpji
https://myvidplay.com/d/1ft32wdr5514
https://myvidplay.com/d/4aneubuu9njd
https://myvidplay.com/d/0zh4b29uoui5
https://myvidplay.com/d/f5z10fi4qqll
https://myvidplay.com/d/d27ufqg75180
https://myvidplay.com/d/g3eqopyhrqi5
https://myvidplay.com/d/df8jtabmej7j
https://myvidplay.com/d/18u4be55z5pc
https://myvidplay.com/d/ex3zshh3ltp2

Write Comment
Return to News
  Displaying 776 through 780 of 780
Prev | First 		  The time now is 7:43:49 PM ET.
Any comment problems? E-mail us
User name and password:

 

   *  
  *   *