Microsoft IE Content-Type域任意文件可执行漏洞

发布时间：2002-02-18
更新时间：2002-02-18
严重程度：高
威胁程度：普通用户访问权限
错误类型：设计错误
利用方式：客户机模式

BUGTRAQ ID：4085

受影响系统

Microsoft Internet Explorer 5.0.1SP2
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows NT 4.0SP3
   - Microsoft Windows NT 4.0SP4
   - Microsoft Windows NT 4.0SP5
   - Microsoft Windows NT 4.0SP6
   - Microsoft Windows NT 4.0SP6a
Microsoft Internet Explorer 5.5SP2
   - Microsoft Windows 2000 Terminal Services
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT 4.0SP3
   - Microsoft Windows NT 4.0SP4
   - Microsoft Windows NT 4.0SP5
   - Microsoft Windows NT 4.0SP6
   - Microsoft Windows NT 4.0SP6a
   - Microsoft Windows NT Enterprise Server 4.0
   - Microsoft Windows NT Terminal Server 4.0
Microsoft Internet Explorer 5.5SP1
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows NT 4.0SP3
   - Microsoft Windows NT 4.0SP4
   - Microsoft Windows NT 4.0SP5
   - Microsoft Windows NT 4.0SP6
   - Microsoft Windows NT 4.0SP6a
Microsoft Internet Explorer 6.0
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT 4.0SP6a

详细描述
Microsoft Internet Explorer 使用Content-Type 头信息来判断下载文件时候的
类型。

其中IE在处理Content-Type 头信息的时候存在漏洞，可以导致建立恶意Content-Type 头信息而造成文件被下载并自动被执行。

测试代码
一个相关的演示页面如下：

http://www.gfi.com/emailsecuritytest

解决方案
下载如下补丁程序：

Microsoft Internet Explorer 5.0.1SP2:

Microsoft Patch q316059_IE 5.01
http://download.microsoft.com/download/ie501sp2/secpac25/5.01_sp2/NT5/EN-US/q316059.exe

Microsoft Internet Explorer 5.5SP2:

Microsoft Patch q316059_IE 5.5SP2
http://download.microsoft.com/download/ie55sp2/secpac25/5.5_sp2/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 5.5SP1:

Microsoft Patch q316059_IE 5.5SP1
http://download.microsoft.com/download/ie55sp1/secpac25/5.5_sp1/WIN98Me/EN-US/q316059.exe

Microsoft Internet Explorer 6.0:

Microsoft Patch q316059_IE6
http://download.microsoft.com/download/IE60/secpac25/6/W98NT42KMeXP/EN-US/q316059.exe

相关信息
参考：http://www.securityfocus.com/archive/1/255767
http://www.microsoft.com/technet/security/bulletin/MS02-005.asp

最近严重漏洞

Microsoft IE Content-Type域任意文件可执行漏洞