First published: Tue Aug 09 2016(Updated: )
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =10 | |
Microsoft Internet Explorer | =11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.