 |
 |
 |
 |
 |
Information about your favorite browser: news, articles and more.
IE and Firefox cough up hard drive contents
Published February 16th, 2007 in Browser Security, Exploits & Vulnerabilities, Firefox, Internet Explorer
The latest versions of Internet Explorer and Firefox on Windows and (in the case of Firefox) Unix systems are vulnerable to attacks 
that could reveal the contents of sensitive files residing on a victim’s hard drives. The vulnerability resides in the functionality that allows the browsers to upload files to a remote server. It requires a victim to visit a booby-trapped website and enter text with certain characters in a comment interface or other input field.
Demonstration exploits, one for IE and the other for Firefox, show how typing a simple string into a message box reveals a Windows user’s boot.ini file. IE and Firefox cough up hard drive contents | Channel Register
