Internet Explorer FTP malformed file name...
Internet Explorer FTP malformed file name...
Date Discovered: December 30, 2004
Date Published: January 29, 2005
Last Updated: January 29, 2005
Vulnerability ID: 32173
Discovered by: Albert Puigsech Galicia
Exploitable Locally: No
Exploitable Remotely: Yes
Impact: Remote attackers can gain authorized system access.
Root Cause: Software Vulnerability
Microsoft Internet Explorer contains a vulnerability that can allow an attacker to gain unauthorized system access. The vulnerability is due to improper handling of FTP files containing certain characters. Attackers can create a carefully crafted file which could replace system files using directory traversal attacks when downloaded.
Recommendations
Technical Recommendation - 32173
The issue is fixed by Windows XP SP2.
Windows 2000 users should contact Microsoft Product Support Services to recieve the hotfix. Request the hotfix for Article ID : 810790.
http://support.microsoft.com/oas/default.aspx?ln=en-us&prid=8438&gprid=35540
Affected Technologies
Microsoft: Internet Explorer 6 SP1
References
Mitre CVE: CAN-2004-1376
Source : Computer Associates International
www.ca.com
- Microsoft revamps Bing to include interactive social sidebar
The three-column interface also includes a ´snapshot´ for more direct interaction with products and places.
- Adobe Creative Cloud Now Available
Two New Touch Apps for iOS and Adobe Muse Also Shipping
- Acer G6 series - Super-slim design, inspiring performance
- Come Explore the VIA Smart Ecosystem at Computex 2012
- HP tries to beat ultrabook pricing with thin-and-light Sleekbooks
- MasterCard´s PayPass Wallet will span online, mobile, in-store shopping
- Google infringed Java copyrights in Android, jury finds
- After false alarm, no verdict Friday in Oracle Google
- Lenovo building industrial center to develop tablets, smartphones
- Facebook´s valuation for IPO will be lower than initially expected
Member of IVSZ
Member of SZEK
Acer Affinity Gold partner
Dell Registered Partner
OKI System Shinrai Partner
XEROX Viszonteladó
APC megbízható szállító
EATON Authorized Partner
Cisco partner
Symantec Software Partner
ESET Partner
FUJITSU partner
LENOVO Premium Partner
IBM Business Partner
PARTNERS: Computerworld.hu | GameStar.hu | PCWorld.hu | SG.hu | PC Guru | Hitel