CVE-1999-0793

Vulnerability

Internet Explorer versions 4.01 and 5 contain a vulnerability where client-local data displayed in the browser window can be redirected to a Javascript applet running in the same window, effectively bypassing cross-domain security [1]. This allows a malicious web site operator to read files on the user's computer if the attacker knows the filename and folder path.

Exploitation

The attacker hosts a malicious web page that, when visited by a user running Internet Explorer 4.01 or 5, uses a redirect to send local file data to a Javascript applet. No authentication or user interaction beyond visiting the site is required. The attacker must know the exact file name and folder location to target specific files.

Impact

Successful exploitation allows the attacker to read the contents of local files on the victim's computer. The vulnerability does not allow listing folder contents, creating, modifying, or deleting files, nor does it grant administrative control [1]. The CIA impact is limited to information disclosure (confidentiality breach) of known files.

Mitigation

Microsoft released a security update in October 1999 (MS99-043) to completely eliminate the vulnerability [1]. The patch for Internet Explorer 4.01 requires IE 4.01 Service Pack 2 to install. Users should apply the patch from the Microsoft Update site. No workaround is needed as the patch is available.