Vulnerability: IE file download extension spoofing

Secunia Security Advisories notes http-equiv of Malware has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files.

“The problem is that Internet Explorer can be tricked into opening a file, with a different application than indicated by the file extension...This could be exploited to trick users into opening ‘trusted’ file types which are in fact malicious files.”

The vulnerability affects Microsoft Internet Explorer 6.

For more, go to:

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments